Announcing Formsort’s SOC 2 Type II certification
Today, we’re excited to announce that Formsort is SOC 2 Type II compliant. Our platform, technology, processes, and procedures have been assessed by Prescient Assurance – an external, independent auditor – and we have met the highest standards.
SOC 2 is a process a company undergoes to assure their customers that their data is securely managed to protect their interests as well as the privacy of their users. SOC 2 defines five trust service principles for managing customer data: security, availability, processing integrity, confidentiality, and privacy.
External auditors like Prescient Assurance determine whether a vendor complies with one or more of the five trust principles based on the systems and processes in place, and issue a certificate of compliance. In addition to Prescient, we leveraged Secureframe to automate our SOC 2 certification process.
A SOC 2 Type I certificate demonstrates the effectiveness of controls in an organization at a specific point in time. The SOC 2 Type I report describes the controls provided by the management of the organization and attests to their suitability.
In contrast to a one-time check, SOC 2 Type II monitors the controls over time and also checks their operating effectiveness. As a result, the SOC 2 Type II evaluation process is more rigorous and reliable. Many companies prefer Type II certification when evaluating a vendor’s security posture.
Many of our customers operate in highly regulated industries like healthcare and financial services, and trust us to keep their form data secure.
A SOC 2 Type II certification assures our customers that Formsort maintains a high level of information security. Testing these requirements (via penetration tests and other audit tests) can ensure that sensitive information is handled well over time, rather than just once. It gives our customers even greater peace of mind.
Formsort is also HIPAA compliant. This means that we follow a set of regulatory guidelines that outline how Protected Health Information (PHI) can be used and disclosed in a lawful manner.
If you’d like a copy of Formsort’s SOC 2 Type II report, talk to our team.