Senior living operators are responsible for sensitive personal information such as financial transactions, protected medical management and marketing data – the list goes on. Residents and potential customers expect rock solid security compliance, which is why SOC 2 is an increasingly important aspect of business operations within and outside of the senior living industry today.
What is SOC 2?
The American Institute of Certified Public Accountants (AICPA) maintains SOC compliance for Service Organizations, also known as SSAE 18. It provides a framework for companies to assess and report on their internal controls related to security, availability, processing integrity, confidentiality, and privacy.
By achieving SOC 2 compliance, a business demonstrates to its customers, clients, and other stakeholders that it has implemented robust controls to protect sensitive data and ensure the confidentiality, integrity, and availability of its systems and services. Many organizations, especially those in the healthcare, finance, and technology sectors, require their vendors and partners to be SOC 2 compliant as a condition of doing business with them. It’s a good move to mitigate the risk of data breach or risky data handling.
Compliance at Sherpa
Sherpa first achieved SOC 2 Type II compliance in 2021 and completed a full 12-month report period audit at the end of 2022. This third-party industry validation shows that Sherpa provides enterprise-level security for customer data secured in the Sherpa system.
“We are proud to announce the successful completion of our SOC 2 Type II compliance audit, which will help assure our customers that Sherpa meets the most rigorous established standards for safe data handling for keeping their data secure.”
Brent Roberts, Sherpa Senior Director of Information Technology and Compliance
As a cloud-based community management and virtual event platform provider, Sherpa is committed to ensuring the security and privacy of customer data. To achieve this goal, we were audited by Prescient Assurance, a leader in security and compliance attestation for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting firm in the US and Canada and offers a wide range of risk management and assurance services, including SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR.
The unqualified opinion on our SOC 2 Type II audit report demonstrates to our current and future customers that we manage their data with the highest standard of security and compliance. We are grateful to Prescient Assurance for their thorough and professional work in helping us achieve this important milestone.
Your security is our priority
At Sherpa we are committed to providing our customers with the best community management and virtual event platform available. Achieving SOC 2 Type II compliance is just one way that we demonstrate our dedication to security and compliance.
If you have any questions about our compliance or security measures, please don’t hesitate to read more about security at Sherpa or reach out to us at info@sherpa.com.
