Customers sometimes request evidence that ClinSpark is ‘SOC 2 compliant’ and request a certificate.
System and Organisation Controls…
System and Organization Controls (SOC; also sometimes referred to as service organizations controls) as defined by the American Institute of Certified Public Accountants (AICPA), is the name of a suite of reports produced during an audit. It is intended for use by service organizations (organizations that provide information systems as a service to other organizations) to issue validated reports of internal controls over those information systems to the users of those services. The reports focus on controls grouped into five categories called Trust Service Criteria.
– https://en.wikipedia.org/wiki/System_and_Organization_Controls
ClinSpark, and the operational processes supporting, it have not achieved SOC2 Certification at this time.
AWS, our hosting provider has achieved SOC 2 certification. Please visit this page in our documentation for further information and a link to AWS resources detailing all their quality, trust and IT security assurance certifications - https://foundryhealth.atlassian.net/wiki/spaces/DOCS/pages/3906142209/Hosting#Compliance-Programs