“We strive to implement a robust Information Security discipline and program within our organization. SOC2 compliance for Dentrix Ascend demonstrates our willingness and ability to conform with high standards.”

Kenton McDaniel, CISO of Henry Schein One

Service Organization Control 2 (SOC2) is a component of the American Institute of CPAs (AICPA)'s Service Organization Control reporting platform. SOC 2 is a technical auditing process and certification that measures security and availability and serves as an assurance to customers that their data is being managed in a controlled and audited environment.

When an application achieves SOC2 compliance, it signifies that the organization has taken appropriate steps to ensure compliance in the areas that were measured.

SOC2 compliance is essential for service organization platforms that store customer data in the cloud. SOC2 is relevant for all SaaS platforms.

There are two types of SOC2 audits that are available:

• SOC2 Type 1 shows the controls of an organization around the application to be audited.
• SOC2 Type 2 introduces historical operational controls into the audit.

Why is SOC2 Compliance Important?

Meeting SOC2 compliance demonstrates establishing processes and procedures that place security and confidentiality at the forefront.