What Is SSAE 18 SOC 2?
Statement on Standards for Attestation Engagements 18 (SSAE 18) is a standard from the American Institute of Certified Public Accountants (AICPA). The organization's Auditing Standards Board (ASB) created these regulations to evaluate service companies. Any company that provides outsourced services that affect another company's financial statements can request an audit. SSAE 18 includes three types of reports that review different aspects of a company's operations. The Service and Organization Controls (SOC) 2 report focuses on security and privacy. While IT organizations aren't required to meet these standards, we receive a yearly SOC 2 evaluation to offer the best services possible. As part of this audit, we perform an internal and external risk assessment. While many of our competitors fail to take these measures, we believe that service organizations must show that they have the right safeguards and controls to keep data secure.
SSAE 18 SOC 2 Requirements
The SOC 2 report examines the areas of security, availability, processing integrity and confidentiality. A compliant organization:
- Protects data from unauthorized access
- Makes information and services readily available
- Runs systems that perform their functions correctly
- Keeps confidential information confidential
These standards keep us accountable to our mission of giving our residents and patients’ exact control over who can use their data.
What Measures Do We Take to Meet These Standards?
The SOC 2 security standards are easier said than done. We stay compliant to SOC 2 and other privacy benchmarks by:
- Receiving updates and guidance from renowned legal and accounting experts
Conducting regular security updates and scans
- Inspecting all emails before they enter our network
- Implementing two internal and external network intrusion protection systems
- Encrypting all USB storage and hard drives
Monitoring and filtering Internet access
- Training all new staff members for HIPAA compliance
- Reviewing HIPAA changes and updates every year
Compliant and Secure IT Services for Long-Term Care
Working with Prelude Services gives you a distinct advantage over competitors — a dedication to safety and privacy. Since it isn't mandatory for IT organizations to undergo SOC 2 audits, many of them avoid completing it. But we believe that you can't cut corners when it comes to offering secure and top-quality IT services. That's why we voluntarily get SOC 2 evaluations every year. Our team considers you and your patients’ data safety a top priority. When you request our services, you can benefit from these SSAE 18 SOC 2-compliant solutions:
Would you like to see the advantages of SOC 2 compliance for yourself? Contact us online to learn more about our offerings.