#USA #New York #Data Security #Certify #SOC-2 Type 2

Certify Achieves Third Consecutive SOC-2 Type 2 Compliance

Certify, a leading provider of data intelligence solutions, has proudly announced the achievement of Service Organization Control (SOC) 2 Type 2 compliance for the third consecutive year. This noteworthy accomplishment builds upon their initial SOC-2 Type 1 certification earned in 2023, reflecting their strong commitment to maintaining the highest standards of security and privacy in an increasingly digital healthcare landscape.

Shannon Kern, the Senior Director of Quality, Compliance, and Security at Certify, emphasized the significance of this achievement, stating, "Our three-year track record of SOC-2 compliance reflects our unwavering commitment to security excellence. These certifications validate that our comprehensive security framework doesn't just exist on paper but operates effectively every day across our entire organization. For our healthcare clients, this means peace of mind knowing their sensitive data is protected by proven, independently-verified safeguards that meet the industry's highest standards."

Achieving SOC-2 Type 2 compliance involves a thorough evaluation of an organization's information systems and security controls over a rigorous 12-month period. The audit is administered by the American Institute of Certified Public Accountants (AICPA) and assesses various controls across nine categories of Trust Services Criteria (TSC) for Security. These categories include control environment, communication and information, risk assessment, monitoring controls, logical and physical access controls, system operations, change management, and risk mitigation, among others.

As healthcare organizations continue their digital transformation journeys, holding security certifications has become critical in establishing reliability and trustworthiness. Kern added, "We see these certifications as stepping stones, not finish lines. We're building the most robust compliance framework and security posture possible, with privacy as our ultimate guide. Our goal has always been to exceed industry standards and make it easy for our healthcare clients to trust us with their sensitive information."

Certify's security program is meticulously designed to align with leading industry frameworks such as NIST. It encompasses various proactive security measures, including continuous monitoring, encryption, secure system architecture, antivirus and malware protection, annual penetration testing, business continuity testing, and comprehensive compliance protocols like security awareness training and vendor risk assessments. This exhaustive and detailed approach to security and compliance demonstrates Certify's dedication to supporting its healthcare partners.

Furthermore, Certify invites interested parties to a webinar on June 25th aimed at discussing how they assist clients in navigating changes to NCQA credentialing standards. Attendees can request an invite through their client relationship managers or by reaching out via email.

Certify has positioned itself as a pioneering architect of modern provider data infrastructure, offering a unique blend of best-in-class technology and unparalleled data accuracy to transform healthcare operations. Originally entering the market in 2021 as a credentialing platform, the company now streamlines the entire provider data lifecycle through a continuously updated source of truth, powered by numerous primary sources and accessible through a single API. Certify's impressive growth trajectory is further supported by esteemed investors, including General Catalyst and Upfront Ventures.

For further details about Certify's services and innovations, please visit their official website at certifyos.com.