Auric Systems International completed phase I of our strategic 2020 goal to expand security compliance by completing a SOC 2 Type 1 audit.
The completed audit covers the relevant SOC 2 controls for:
- Security
- Availability
- Processing Integrity
- Privacy
We're particularly proud of being audited on the privacy controls as it give our clients storing Personally Identifiable Information (PII) and Personal Health Information (PHI) the added assurance that our services and operations are audited specifically for data privacy.
Privacy differs from confidentiality in that the audit controls review what data is stored vs. how that data is protected. Over the last two years, Auric has carefully reviewed everything stored and generated by the AuricVault® service -- particularly logs written to files and stored within the database. Auric has significantly reduced the information we gather to ensure what is stored does not identify our client's end users.
Auric is scheduled to complete the annual SOC 2 Type 2 audit in Q4 of 2020, and annually thereafter.
- Download ASI's SOC2 Type 1 2020 - Report Final 0416