NEEDHAM, Mass.–(BUSINESS WIRE)–Today, SSG announced that the company has undergone a System and Organization Controls (SOC) 2 examination resulting in a CPA’s report stating that management of SSG maintained effective controls over the security, availability, and confidentiality of its Casetivity system. The engagement was performed by BARR Advisory, P.A.
A SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information.
“We are pleased that our SOC 2 report has shown we have the appropriate controls in place to mitigate risks related to security, availability, and confidentiality, along with HIPAA Security Rule requirements,” said Neal Brenner, CIO at SSG. “It is a great validation of our company’s hard work and offers peace of mind for our customers.”
“SSG is pleased that our Casetivity product and SaaS hosting have both received SOC2 Type 2 certification. This certification is a testament to the hard work and dedication of our team in continuously improving the security of our solutions. We are proud to offer a custom-tailored experience for each of our customers while maintaining a high level of security. As we move forward, we are committed to continuing to enhance the security of our products and services in the coming years,” said Hollis Jamison, DevOps Manager at SSG.
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act.
A SOC 2 report is an internal control report on the services provided by a service organization to its customers and provides valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service.
Current and prospective customers interested in a copy of our SOC 2 report may contact April Phillips at firstname.lastname@example.org.
SSG is dedicated to modernizing the delivery of essential services in our communities. For two decades, SSG has partnered with over dozens of states and municipalities to improve their workflow, data management and IT systems implementation and operation. SSG’s flagship product, Casetivity, was purpose-built to automate essential workflows in public health organizations. SSG’s solution suite for public health transforms the way organizations manage and execute programs through data management and workflow automation.
ABOUT BARR Advisory
BARR Advisory is a cloud-based security and compliance solutions provider, specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.
BARR Advisory services include:
- Compliance Program Assistance
- SOC 1 Examinations
- SOC 2 and 3 Examinations
- SOC for Cybersecurity
- PCI DSS Assessment Services
- ISO 27001 Assessments
- FedRAMP Security Assessments
- HIPAA and HITECH Services
- Penetration Testing and Vulnerability Assessments
- Virtual CISO Services
Cameron Thomas for SSG