Dear Valued Clients and Partners,

We are thrilled to announce that Snap eHealth successfully achieved SOC 2 Type II compliance in the spring of 2024. This rigorous certification demonstrates our deep commitment to protecting the security, confidentiality, and privacy of sensitive healthcare data.

What is SOC 2 Type II?

SOC 2 Type II is a widely recognized security standard developed by the American Institute of Certified Public Accountants (AICPA). It involves an in-depth audit of a company's systems and controls related to:

• Security: Protection against unauthorized access and data breaches.
• Availability: Ensuring systems are up and running when you need them.
• Processing Integrity: Data is processed accurately and reliably.
• Confidentiality: Sensitive information is protected from unauthorized disclosure.
• Privacy: Personal data is handled in accordance with regulations and best practices.

Why We Pursued SOC 2 Type II

In the healthcare industry, trust is paramount. Our clients entrust us with their most sensitive information, and we take that responsibility incredibly seriously. SOC 2 Type II compliance provides independent validation that we have the necessary safeguards and processes to handle data responsibly.

Achieving this compliance involved a comprehensive review of our policies, procedures, and technical infrastructure by an external auditor. We are pleased to share those results, demonstrating that our commitment to security is not just a promise, but a proven practice.

Benefits for Our Clients

• Increased Confidence: Assurance that your critical healthcare data is handled with the utmost care.
• Streamlined Vendor Assessments: Reduced need for individual security questionnaires and audits.
• Competitive Advantage: SOC 2 Type II compliance sets us apart and enhances your own compliance efforts.

Our Ongoing Commitment

SOC 2 Type II compliance isn't a one-time achievement for us. We understand that data security is an ongoing journey. We are dedicated to continuous improvement and maintaining the highest standards for protecting personal health information. In addition to maintaining our SOC 2 Type II compliance, our organization is currently pursuing a HITRUST certification so that we can ensure the absolute highest level of security for our partners and their patients. 

Thank you for entrusting Snap eHealth with your healthcare technology needs. We value your partnership and promise to always handle your data with diligence.

‍

Sincerely, 

Jess Nash

Director of Security & Systems

Snap eHealth, Inc.

‍