We’re in an industry that uses shiny and yet vague marketing terms to describe its products and that can make it challenging to know what you’re actually buying. It can often take a lot of technical knowledge and experience to wade through all the messaging and after all that scrutiny, you’ll still have to take their word for it that everything you’ve been told is true. We don’t want you to have to do that with our products and services. So we thought we’d let you know about a process that we do each year so that you don’t have to just take our word for it.
The end of 2018, an auditor from Linford & Company LLP, performed several compliance audits of our company. In our particular case, we requested audits called SOC 1 Type II and HIPAA. These are performed every year to test our policies, communications, procedures, and monitoring systems to verify and attest that Vivio is consistently maintaining the highest industry standards for security and privacy. This is a procedure that we request and pay for from an independent, third-party CPA firm to examine and prove that we have maintained these standards.
(Wondering what a CPA firm has to do with attesting to data security? It helps to know that SOC 1 audits deal with how service organizations handle financial data.)
The auditor examines all the controls and procedures that we’ve put in place and determines if they have been operated effectively over the last year. The auditor also evaluates our controls and procedures for compliance with HIPAA regulations that protect and maintain the privacy of sensitive medical data. This process takes a lot of time from both the auditor and our staff to provide supporting evidence and documentation and answer questions. And then the auditor leaves to do the paperwork.
Earlier this month, we received a prepared report with the results of the auditor’s examinations. It’s like an annual wellness exam for our security and privacy compliance. (But without any needles! We’re pretty happy about that.)
Vivio is pleased to report that our security and privacy compliance continues to be in excellent health! We understand the responsibility of being entrusted with the data that matters to you and your business, and this is one of the ways that we prove it to you.