https://www.vocera.com/uk/blog/soc-2-validation-its-about-more-compliance Skip to main content
  • Careers
  • 0800 652 8773
  • United States
    • United States
    • United Kingdom
    • Australia
    • New Zealand
    • Middle East
    • Canada
  • search
  • Customer Support
Logo Vocera
Menu
MenuMenuMenu
1.888.986.2372 Close Menu
  • About Vocera
    • Careers
    • Our Mission
    • Investors
    • Newsroom
    • COVID-19
    • Year Of The Nurse
    • Virtual Events
    • HIMSS 2021
  • Products
    • V5000 Smartbadge
      V5000
      Smartbadge
    • B3000N Badge
      B3000N
      Badge
    • Vocera Products
      Compare
      Vocera Products
    • Vocera Accessories
      Vocera
      Accessories
    • Vocera Platform
      Vocera
      Platform
    Vocera Enterprise Platform
    • Engage Intelligent Workflow
    • Analytics
    Compare Communication Devices
    • Smartbadge
    • Badge
    • Smartphones
    Mobile Applications
    • Vina
    • Collaboration Suite
  • Solutions
    • Family Communication
    • Staff Safety
    • Secure Text Messaging
    • Alarm Management
    • Integrations
    • Pager Replacement
    • Covid-19
  • Services
    • Customer Technical Support
    • Access Technical Support Portal (customers with active support contracts).

    • Professional Services
    • Experts to help with workflow enhancements and solution deployment.

    • Vocera University
    • Accelerate proficiency and performance with our customized courseware, in-person and self-guided training opportunities.

    • Accessories and E-Store
    • Order batteries, chargers, specially-designed lanyards and clips, headsets and more.

  • Industries
    • Healthcare
    • Veterans' Affairs Healthcare
    • Department of Defense Healthcare
    • Long-Term Care
    • Hospitality
    • Retail
    • Veterinary Care
    • Education
    • Energy
  • Resources
    • Case Studies
    • Data Sheets
    • Guides
    • Technical Documentation
    • Solution Briefs
    • Videos
    • Webinars
    • White Papers
    • Blog
    • Podcast
  • contact us
  • support portal
  • contact us
  • United States
    • United States
    • United Kingdom
    • Australia
    • New Zealand
  • search
Vocera Logo

525 Race Street San Jose, CA 95126 United States (888)-9VOCERA

  • Home
  • Blog
  • SOC 2 Validation: It’s About More Than Compliance
    • All Topics
    • Enabling Safety and Quality Care
    • Saving Steps and Saving Time
    • Transforming
      the Experience
    • Enhancing Care
      with Technology

    SOC 2 Validation: It’s About More Than Compliance

    • by Ammath Keunemany
      <p><span>Information Security Manager for Products<span>, Vocera</span></span></p>

    Topics Covered:

    • Enhancing Care with Technology

    Share:

    • Twitter
    • Facebook
    • Linkedin
    • print
    July, 2017

    Every once in a while, I learn something interesting from my friends in our marketing department. The other day I learned that when people search the web for information about Service Organization Control 2 (SOC 2), the most common phrase they use is “SOC 2 compliance.”

    We were talking about this because in June, Vocera received a favorable SOC 2 Type II report as an outcome of an audit conducted earlier this year focused on our cloud-based applications: Vocera Secure Texting, and Vocera Care Experience.

    If your health system stores patient data in the cloud, you are likely well aware of the SOC 2 report, which was developed by the American Institute of Certified Public Accountants (AICPA). Any company or health system storing customer data in the cloud must meet SOC 2 compliance requirements in order to minimize risk and exposure to that data.

    The SOC 2 audit report is an extensive list of controls; and as a company, we either meet those controls or we don’t. We must demonstrate compliance with those controls during the audit to earn a favorable report. If someone says they are SOC 2 compliant, it can be taken to mean that they’re compliant with certain parts of the audit, but perhaps not with other parts.

    So, for the record: Vocera has earned favorable SOC 2 Type I and now Type II reports. We’re proud of these achievements and will continue to maintain favorable SOC 2 reports for our clinical communication and workflow solutions.

    SOC 2 Covers Our Cloud Infrastructure, Not Just Our Applications

    Our SOC 2 report validates our cloud-based applications, but it’s about much more than that.

    SOC 2 requires us to demonstrate that we establish and follow strict information security policies and procedures that encompass the security, availability, processing, integrity, and confidentiality of customer data. We had to prove, through rigorous evaluation over many months, that our information security measures are in line with today’s cloud requirements.

    SOC 2 audits a company as an entity. It audits our corporate infrastructure and the enterprise technology we use. It audits the security controls at our corporate headquarters. It audits our employees, our HR processes for doing background checks, our IT department’s auditing access controls, our legal department, what we do in our remote sites across the country, and more.

    Why SOC 2 Really Matters in Healthcare

    The security of an application is important – and it’s equally important to think about the security controls of the corporation and the people who are building these applications. The SOC 2 report provides a view into what the company thinks about when it’s building technologies for customers.

    Hospital leaders should care because a vendor supplying a cloud-based application has access to all their data; we’re hosting their data and building applications that access it. When nurses, doctors, and others use our applications to send secure messages, every one of those messages enters our databases and sits on our server, in the cloud.

    Hospitals want to know that our applications are secure within the cloud infrastructure. They also want to see that we demonstrate commitment to the highest levels of security companywide. They want to know that we do background checks and that people who are accessing their database are authorized to do so.

    Defense-Grade Security

    All Vocera solutions are validated by a third party. For our cloud solutions, SOC 2 was the obvious choice – really the only choice – for validation.

    We also have more validations in the works:

    • We just finished our Joint Interoperability Test Command (JITC) certification. This certification validates and approves our core voice platform for use within the Department of Defense’s Risk Management Framework. 
    • The Department of Veterans Affairs approved our core voice platform and Vocera Collaborations Suite application on the One-VA Technical Reference Model (One-VA TRM ).


    We’re proud to call the security of Vocera solutions “defense-grade.” The security credentials we’ve earned from the U.S. Army, Department of Defense, and American Institute of Certified Public Accountants are unsurpassed.

    Share:

    • Twitter
    • Facebook
    • Linkedin
    • print

    Most Recent

    Recommended

    • NHIT Week 2019: Creating Healthy Communities with Technology

    • Celebrating Star Trek and the Next Frontier of Voice Communication in Healthcare

    • Employing the Power of AI and Interoperability to Reduce Sepsis Mortality

    • What Hospitals Can Learn about Incident Detection from the Notre Dame Disaster

    • Using Technology to Help Prevent Falls in the Hospital

    • Hospital Secure Messaging: 7 Lessons Learned

    • Three Tips for Reducing Sepsis Risk

    • Halifax Health: Better Communication for Better Patient Care

    Most Recent Related Stories

    NHIT Week 2019

    NHIT Week 2019: Creating Healthy Communities with Technology

    Celebrating Star Trek

    Celebrating Star Trek and the Next Frontier of Voice Communi...

    Beyond the Electronic Health Record: Human-Centered Design to Reduce Clinicians’ Cognitive Burden

    Beyond the Electronic Health Record: Human-Centered Design t...

    Stay Connected
    100 Longwater Avenue
    Green Park
    Reading, Berkshire
    RG2 6GP
    United Kingdom

    0800 652 8773

    ABOUT US
    • Home
    • Year Of The Nurse
    • Empower Heroes
    • Customer Advocacy
    • Locations
    • Patient Privacy
    • Partners
    • Social and Environmental Responsibility
    • Supply Chain Transparency
    • Ethics Hotline
    Careers
    News & Events
    • Press Releases
    • News and Research
    • Events
    • Virtual Events
    • Gartner Reports
    Resource Center
    • Blog
    • Case Studies
    • Data Sheets
    • Guides
    • Podcast
    • Solution Briefs
    • Videos
    • Webinars
    • White Papers
    PRESS RELEASES
    BLOGS
    PODCAST
     
    © Copyright 2019 Vocera Communications. All Rights Reserved.
    Privacy - Legal - Site Map