One Point Obtains SOC 2 Type II Report
To further mitigate risk in third-party privacy, security and compliance, One Point strengthens SOC 2 compliance
One Point is proud to announce that it has strengthened its SOC 2 compliance by obtaining a SOC 2 Type II Report. This meticulous, independent assessment of internal security policies serves as further proof of the company’s dedication to protecting client information.
The report is an important milestone for One Point as it shows the organization’s commitment to securing clients’ data. This milestone places One Point in an elite group of marketing organizations worldwide that have obtained this report in a data-secured environment and it will be a significant benefit to the healthcare and government industries it serves.
“We’re very proud of this milestone as it demonstrates One Point’s commitment to transparency of our security and data policies,” said Kirk Vercnocke, CEO. “Data is a valuable asset in effective marketing and whether its HIPAA, PCI or even just customer contact information, all our clients can feel comfortable when working with us. Setting our standards at a high level ensures they can trust us to handle their sensitive data.”
One Point secured its first SOC 2 Type I Report in December 2020 and decided to take its security measures to the next level by increasing to the Type II Report, which the organization received on Feb. 28, 2022. The SOC 2 Type II compliance process allows One Point to scale its scope to the areas relevant to the business or services it performs for its clients.
“Completing this independent examination emphasizes One Point’s commitment to security and assures our clients that maintaining their trust is a core part of our partnership,” said Mike Spalding, Chief Technology and Compliance Officer. “This milestone is a great foundation to go to the next level, which is HITRUST certification.”
Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is an auditing procedure that ensures service providers securely manage data in a way that protects the interests of the organization and client privacy. These reports are based on the AICPA’s Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy) and assure that a company’s security infrastructure, policies and procedures have been reviewed. The SOC 2 Type II Report is valid for 12 months and can be renewed.