In order to better assist our customers in meeting their information security requirements, we have recently completed a SOC II Type II audit covering the Security and Availability Trust Services Principles for our document scanning and records storage solutions in Hooksett, NH. In doing so, NEdocs has become one of the first SOC II Type II audited document scanning service bureaus in the New England area.
The SOC II Type II report is based upon an objective audit conducted by a third party firm in accordance with attestation standards established by the American Institute of Certified Public Accountants. These standards require a thorough examination to obtain reasonable assurance about whether controls are suitably designed and operating to meet applicable trust services criteria. The Type II report shows that NEdocs followed these standards for a 6 month period, unlike the Type I which only accounts for “a point in time.”
The SOC II report is a thorough and highly regarded audit. Service organizations have several criteria to meet, and SOC II auditors must assure that all applicable standards have been met. Throughout the examination, auditors test individual controls across the organization and report which controls were tested along with the results.
Our SOC II Type II report details NEdocs’ written, implemented, and audited controls for security, confidentiality, and availability.
Beyond our commitment to security, confidentiality, and availability, NEdocs has also implemented many disaster recovery plans and safety controls in order to protect information processed at our facilities. This safeguards valuable documents and data from the threats of power failure, natural disasters, and any other unforeseeable event that may interrupt business. Additionally, all of NEdocs’ employees are trained and certified on HIPAA regulation requirements.