Doing Our Due Diligence: SOC 2 and HIPAA Security Compliance

Tri-Win Direct has achieved compliance with the rigorous data security requirements of the Service Organization Controls 2 (SOC 2) standard and the consumer healthcare privacy controls of the Health Insurance Privacy and Portability Act (HIPAA).

The SOC 2 report attests to the effectiveness of the direct mail data processing management controls that Tri-Win Direct has in place that relate to security, availability, processing integrity, confidentiality and privacy. The HIPAA audit reflects Tri-Win’s demonstration of adherence to federally required standards for the privacy of protected health information, the security of electronic protected health information, and breach notification to consumers.

Larger clients, who have more policies and procedures in place and require more data security, are beginning to specify completion of the data security audits as a condition of doing business. We believe that compliance audits will soon be a requirement going forward, which is why we invested in formalizing and documenting our data security and privacy procedures now. This is one more way that Tri-Win Direct is investing in the data and mailing resources available for our customers and exceeding their expectations.

hippa-hitech

aicpa-soc

“COMPLETING THE AUDITS DEMONSTRATES OUR IT SECURITY, PHYSICAL SECURITY, AND DEDICATION TO DATA PRIVACY IN EVERYTHING WE DO.”

Scott Swanner