MedaSystems receives SOC 2 Type 1 certification

We are pleased to announce the successful completion of a Service Organization Control (SOC) 2 Type 1 audit. As the leader in providing SaaS Expanded Access software, this represents a significant milestone demonstrating our commitment to data security, patient privacy, and compliance.   

The SOC 2 Type 1 attestation is a standard of trustworthiness and security set by the American Institute of CertifiedPublic Accountants (AICPA). This report, by an accredited auditing firm, attests to MedaSystems' commitment to data processing integrity, confidentiality, and customer information privacy. To receive the attestation, auditors conducted an intensive review of the policies and procedures developed by the MedaSystems team to ensure they meet AICPA's criteria and best practices. 

As an enterprise SaaS startup operating in a highly regulated area, the SOC 2 Type 1 report demonstrates our robust security controls,necessary for technology offerings in the life sciences and healthcare industries.  

Security and compliance are foundational to MedaSystem’s software design and construction. MedaSystems’ platform is also designed to be compatible with other standards necessary to our customers, such as GDPR, HIPAA, and FDA 21 CFR Part 11.  We regularly conduct risk assessments of our practices and third-party vendors, conduct security penetration testing, hold disaster recovery drills, and schedule security awareness training for all employees. Of course, maintaining and continuously improving our security and compliance practices is an ongoing process. In the next few months, we will pursue the next SOC attestation, SOC 2 Type 2. 

Current and prospective customers can obtain a copy of our SOC 2 Type 1 report upon request.