As Atomic.io continues to grow around the world, it’s important to us that our customers have reassurance in our ability to keep their systems and information private and secure.
That’s why we’re incredibly proud to announce that we are now both SOC 2 Type I and HIPAA Type I compliant.
Achieving SOC 2 and HIPAA has let us put our security practices to the test, and we’ve demonstrated that they are meeting the highest standards.
What is SOC 2 Compliance?
Service Organisation Control 2 (SOC 2) is an internationally recognised standard developed by the American Institute of CPAs (AICPA). SOC 2 ensures that organisations and their cloud-based systems are designed in a way that guarantees security, availability, processing integrity, confidentiality, and privacy of customer data.
SOC 2 compliance is awarded to businesses by external auditors upon assessing their compliance with one or more of the trust principles. Atomic.io was assessed by A-LIGN and has achieved compliance with the following trust principles – Security, Availability and Confidentiality.
There are two types of SOC 2 audits: Type 1 and Type 2. Type 1 examines the controls used for maintaining the trust principles at a point in time and Type 2 examines the effectiveness of these over a period of time. Atomic.io is currently SOC 2 Type I compliant as of 5th May 2021 and we are working towards becoming Type II compliant.
What is HIPAA Compliance?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.
HIPAA compliance is awarded to businesses by external auditors upon assessing their compliance with Rules issued by the US Department of Health and Human Services (HHS). Atomic.io was assessed by A-LIGN has been attested for compliance with the Security Rule and is currently HIPAA Type I compliant as of 5th May 2021.
What does this mean for you?
Atomic.io provides you with the tools to interact with your customers securely within your authenticated apps. We know that you’re placing incredible trust in us that your data will be safe and accurate. Our SOC 2 and HIPAA reports can provide you with the assurances that we are protecting your data by following industry best practices.
SOC 2 and HIPAA compliance encompasses the technology, processes and people across our entire organisation from recruitment to business continuity and code development. Achieving SOC 2 and HIPAA has made Atomic.io more robust across the board now and moving forwards.
What's next?
We’re currently working towards achieving SOC 2 Type 2 with expected compliance in 2022. Atomic.io is committed to carrying out annual SOC 2 Type 2 and HIPAA Type 1 audits moving forwards to ensure we continue to maintain and improve on our security practices.
If you have any questions or would like to request a copy of our SOC 2 report, please get in touch at privacy@atomic.io