Rhinogram, Inc. Successfully Completes a SOC 2 Assessment to Further Data Security

At Rhinogram, Inc., we continually invest in security best practices to ensure that our client's data stays safe and secure. As part of this ongoing effort, we are excited to announce that we’ve successfully completed our SOC 2 report.

The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. “Rhinogram, Inc. SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”

What is a SOC 2 report, and what does it mean for Rhinogram, Inc.? In this article, we will explain the ins and outs of a SOC 2 report and explain how it symbolizes trust with clients.

What is SOC 2 report?

A SOC 2 report addresses risks associated with data handling and access and can be used by organizations of any size (e.g., SaaS, colocation, data hosting, etc.). Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organization implements and manages controls to mitigate the identified risks to its various parts.

The SOC 2 audit testing framework is based on the Trust Services Criteria (TSC), which are used to identify various risks (points of focus) an organization should consider addressing. Based on the TSCs the organization selects to be in scope, the third-party compliance and audit firm (in our case, A-LIGN) evaluates whether the organization has the appropriate policies, procedures, and controls to manage the identified risks effectively.

There are five Trust Services Criteria. The first criterion, Security, must be included with every SOC 2 report and is referred to as the “Common Criteria.” The remaining four are optional to include:

1. Security (required)

2. Availability (optional)

3. Processing Integrity (optional)

4. Confidentiality (optional)

5. Privacy (optional)

To pass a SOC 2 examination and receive a letter of attestation successfully, an

organization must address controls in areas such as information security, access control,

vendor management, system backup, business continuity and disaster relief, and more.

Who should get a SOC 2 Examination?

Organizations of all sizes and industries can benefit from a SOC 2 Examination, as the

audit can be performed for any organization that provides various customer services. A

SOC 2 report highlights the controls that protect and secure an organization’s system

or services its customers use. The scope of a SOC 2 Examination extends beyond the

systems that have a financial impact, reaching all systems and tools used to support the

organization’s system or services.

Why do I need a SOC 2?

Today, many organizations outsource their business operations and services to third-party

vendors, possibly putting client data at risk. For this reason, organizations

request that their vendors achieve SOC 2 compliance to demonstrate rigorous IT

security standards. Some additional reasons to consider a SOC 2 report for your

organization include:

1. Clients will most likely request a SOC 2 sooner or later.

2. SOC 2 can bring a competitive advantage to your business.

3. Enhanced information security practice.

4. SOC 2 helps you gain customer trust.

5. Ensure your employees understand best practices.

Know your data is safe and secure with Rhinogram, Inc.

Rhinogram, Inc. will make the SOC 2 report available to current or potential customers

upon executing a non-disclosure agreement. We hope the steps we have taken help you

and your IT teams remain confident in knowing that your data is secure with Rhinogram,

Inc. To learn more about our security policies and initiatives, please get in touch with

our Compliance Department at compliance@rhinogram.com.

About Rhinogram, Inc.

Based in Chattanooga, Tennessee, Rhinogram is a leading cloud-based, HIPAA-compliant

virtual care platform – connecting patients, clinicians and office administrators through

confidential SMS/MMS text messages, video interactions and encrypted phone calls in

real-time. The virtual care platform, which supports multimedia messaging and Facebook

messenger communication, seamlessly integrates with most EHR and PMS systems,

synchronizing encrypted patient communication into clinical workflows.

With Rhinogram, providers can better engage with their patients by streamlining

administrative processes, managing pre-and post-procedure care, and reducing

unnecessary appointments to realize value-based care success and deliver a quality

experience that drives patient loyalty.

For more information, visit www.rhinogram.com and connect with us on Twitter, LinkedIn and Facebook.

Are you ready to undergo a SOC 2 audit? Check out A-LIGN’s SOC 2 Readiness Checklist to learn how close your organization is to reaching its potential.

About A-LIGN

A-LIGN is the only end-to-end cybersecurity compliance solutions provider with the readiness to report compliance automation software paired with professional audit services, trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider holistic approach as a licensed CPA firm to SOC 1 and SOC 2 Audit services, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HITRUST CSF Assessor firm, accredited FedRAMP 3PAO, authorized CMMC C3PAO, PCI Qualified Security Assessor Company, and PCI SSC registered Secure Software Assessor Company. Working with growing businesses to global enterprises, A-LIGN’s experts and its compliance automation platform, A-SCEND, are transforming the compliance experience. For more information, visit www.A-LIGN.com.

Find out how Rhinogram can make the switch from ineffective to effective communication in your facility by requesting a demo.