VeeMed Achieves ISO 27001 Certification and SOC 2 Type 1 Compliance
Best Practices Further Ensure Customer Data Security
Roseville, Calif., March 11, 2021 /Globe Newswire/ — VeeMed has received ISO 27001 certification and successfully completed the Service Organization Controls (SOC 2 Type 1) audit report. These milestones validate that VeeMed has invested in the people, processes, controls, and technologies to protect VeeMed and customer data, and that it is managing information security according to international best practices.
Privacy breaches in Health IT systems can be catastrophic, which is one of the reasons why HIPAA regulations were established in 1996. HIPAA regulations protect patient information from unauthorized eyes, and this information must be protected wherever it travels. In a telehealth solution like Tele-ICU, patient chart information and privileged communications flow across the internet, and these communications must also be rigorously protected. The ISO 27001 certification and the SOC 2 report (backed by AICPA standards) will extend even more confidence to existing VeeMed customers who already trust it for its highly secure infrastructure.
“We’re proud to have received this certification and compliance, which indicate that we are following the most rigorous security standards in our telehealth solutions,” said Abdul Rahim Khatri, CTO of VeeMed. “As a healthcare company obsessed with data security and privacy, we can assure our customers that we are using industry-recognized best practices to keep their data safe.”
About ISO 27001
ISO/IEC 27001 is the leading international standard for information security management. It covers organizations of all types, and lays out the requirements for implementing, monitoring, and improving an information security management system. It was originally published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, and was updated in 2013.
Because it is a structured methodology, ISO 27001 offers a path to reduced risk associated with cybersecurity. In following this methodology, VeeMed can protect confidential information from hackers and data loss, and can recover more quickly if security breaches do occur. Moreover, it assures continued operations after a breach or a natural disaster.
About SOC 2
SOC 2 is a component of the American Institute of CPAs’ (AICPA)’s Service Organization Control reporting platform. SOC 2 reports serve as an assessment and attestation to an organization’s controls in accordance to AICPA’s 5 Trust Service Criteria: security, availability, processing integrity, confidentiality, and privacy. SOC 2 is a technical audit and requires that comprehensive information security policies and procedures be written and followed.
VeeMed customers or potential customers want to be assured that their patient information is protected throughout its lifecycle. VeeMed already had a strong reputation for securing its customers’ sensitive data as it moves through Tele-ICU and its other solutions. Achieving ISO 27001 certification and successfully completing the Service Organization Controls (SOC 2 Type 1) audit report adds the ultimate layer of certainty that customers’ data will be safe, and that healthcare organizations can use VeeMed’s solutions to optimize staffing, conserve resources, and improve patient care with the confidence they need to move forward.
About VeeMed, Inc.
Based in Roseville, CA, VeeMed is a global telehealth company focused on virtual technology, physician services, and operations. Founded in 2016, VeeMed has the most advanced telemedicine solution available for acute care settings. For more information about VeeMed’s vision for the future of telemedicine see https://veemed.com.