If you peek behind the curtains at m.Care®, you’ll see a lot of busy people and moving parts. One of the exciting upcoming projects is the SOC2 certification, which is a big deal for any size company.

So, what is SOC2, and why is the certification important? SOC2 is a compliance framework which tests the various administrative and technology controls against industry standards, and, validates that the company is really doing what they say in their policies. One example of an administrative policy would be background checks for new employees. For technical control, it might include running security scans of the various company websites monthly and correcting any issues found.

With SOC2, m.Care® must prove we are complying with all our own policies. Our SOC2+HIPAA assessment is being performed by A-LIGN, one of the largest SOC and HIPAA assessors in the country. This initial assessment will help identify and resolve any additional gaps for m.Care®’s full SOC2 period to begin later this year. The “+HIPAA” portion of this assessment builds on the recent HIPAA risk assessment performed earlier this year and will provide third-party validation of m.Care®’s recent work.

You may see some process changes resulting from these audits, or everything might happen behind the scenes. In all cases, know that we are working to ensure the best, most secure environments for all our valued clients, no matter the size.