SOC 2 compliance is part of the AICPA Service Organization Control (SOC) reporting platform. The goal of SOC 2 is to evaluate organization security and internal controls around security, availability, processing integrity, confidentiality, and privacy.
Organizations working toward SOC must take the following steps to achieve SOC 2 compliance:
- Implement a security program and all internal security controls required under the AICPA Trust Service Criteria (TSC)
- Perform a SOC 2 audit with a 3rd party auditor
There are two different types of SOC 2 reports that an organization can achieve:
Type 1: Highlights policies and procedures for ensuring TSC at a single point in time.
Type 2: Evaluates the same policies, procedures, and security controls for ensuring TSC over a period of time, usually 3 to 12 months.
Here at GlobalVetLink, we highly value the trust our customers place in us with their data. We believe that any company handling customer data needs to prove that it is taking security seriously.
GlobalVetLink has invested significant resources and time in maintaining SOC 2 compliance, and we will continue to be a leader in this space in the animal health industry.