Healthcare breaches are costing the U.S. healthcare industry an estimated $6.2 billion (Ponemon Institute)
As the healthcare industry continues to be a prime target for hackers and data theft, it’s important that companies work with third-party vendors who uphold the strictest guidelines and data protocols. One of the most effective ways to know you are partnering with an organization that keeps its systems protected is by working with a company that is SOC 2 Type II certified.
What is a SOC 2 Type 2 certification?
The Service Organization Control (SOC) 2 Type 2 was created by the American Institute of Certified Public Accountants as an auditing procedure to ensure that service providers securely manage all data to protect the interest of an organization and its clients. The SOC 2 Type II reports are the most comprehensive certification within the Systems and Organization Controls protocol. An organization that is undergoing certification is heavily reviewed and monitored by a third party. This evaluation lasts between six months to a year.
During this time, the organization is assessed under five key sections of the SOC 2 framework. These sections form a set of criteria called the Trust Services Principles which include:
- The security of the provider’s system
- The processing integrity of the system
- The availability of the system
- The privacy of personal information that the service provider collects, retains, uses, discloses and disposes of for user entities
- The confidentiality of the information that the service provider’s system processes or maintains for user entities
Why is this important?
Achieving a SOC 2 Type II certification is a rigorous task and is voluntary. Those who are certified have made an investment to be thoroughly reviewed and audited. A company that has achieved SOC 2 Type II certification has proven over time that its systems in place are secure, it has complete control over their operations and it can effectively protect the confidentiality and privacy of the data they have stored.
By working with a company that is SOC 2 Type II certified, like Radiologybill, you can be confident that it has the security controls in place to ensure the security, availability, integrity, confidentiality and privacy of patient data.
Learn more about our services and how we can keep your data safe as we work to collect debt and improve your revenue!