ATHN SOC 2 Type II Compliance

At ATHN, we know the importance of data security and privacy, both for us and our ATHN Affiliates and other partners. We are proud to be SOC 2 Type II compliant in all five trust principles: security, availability, processing integrity, confidentiality, and privacy.

What is SOC 2?
System and Organization Controls (SOC) 2 is a voluntary compliance standard developed in 2010 by the American Institute of Certified Public Accountants (AICPA). It is used to assess how well a service organization manages customer data and protects it from unauthorized access and other vulnerabilities.

Security – Protecting systems and data from unauthorized access. Availability – Making sure services and data are available as agreed. Processing integrity – Ensuring the processing of data is complete, valid, accurate, timely, and authorized. Confidentiality – Keeping sensitive information safe and sound. Privacy – Protecting personal information as agreed or as required by law.

Why is SOC 2 Type II compliance important for ATHN?
ATHN Affiliates and our partners in the community, government, and industry often operate in heavily regulated environments where data security and privacy are of utmost concern and importance. Our Type II compliance assures everyone working with ATHN that we prioritize data security and maintain strong internal controls to protect the data entrusted to our care.

To receive Type II compliance, organizations must undergo a more rigorous evaluation process. Here’s a summary of the difference between Type I and Type II compliance:

  • Type I – Ensures an organization’s systems and controls are designed effectively to meet the applicable Trust Service Criteria at a specific point in time.
  • Type II – Examines an organization’s systems and controls and evaluates their effectiveness to meet the applicable Trust Service Criteria over a sustained period of time. Type II provides a more comprehensive assessment of how well the controls are operating and whether they are achieving their intended outcomes.

ATHN is serious about data security
Having a Type II designation is important when evaluating an organization’s security posture. ATHN is proud to be SOC 2 Type II compliant and pledges to continue to invest in best-in-class security and privacy practices to ensure all of the data in our secure ATHN Systems platform is protected.