Posted on April 14, 2022

InEvent achieves SOC 2 Type II and HIPAA compliance

InEvent is pleased to announce the successful completion (“clean, unqualified report with no exceptions noted”) of the System and Organization Controls (SOC) 2 Type II attestation for Security, and taken the required steps to prove its good faith effort to achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA). These achievements speak to InEvent’s unwavering commitment to upholding the highest levels of data security possible.

The SOC 2 and HIPAA audits were conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks.

Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, to ensure the personal assets of their potential and existing customers are protected. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures and operations have been formally reviewed. SOC 2 also evaluates business and technology-related controls and other safeguards employed by third-party service providers, including cloud service providers, and any business associates that provide services used to initiate, process, report, and manage data. The completion of the audit affirms InEvent’s data security operations are in line with globally recognized best practices.

HIPAA is made up of a set of regulatory standards governing the security, privacy, and integrity of sensitive healthcare data called protected health information (PHI). PHI is any individually identifiable healthcare-related information. If vendors who service healthcare clients come into contact with PHI in any way, those vendors must be HIPAA compliant. By achieving HIPAA compliance, InEvent has shown that it is in adherence with the necessary regulatory standards outlined in the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and HITECH.

 As part of their compliance efforts, InEvent has implemented several security measures, including the use of an FHIR server to securely store and transmit healthcare data. This server ensures that any sensitive health information is kept safe and confidential, providing peace of mind to customers who need to handle such data.

Speaking on the achievements, InEvent CEO, Pedro Góes said: “These certifications are significant milestones for InEvent in our efforts to guarantee customers a reliable and secure experience with our service. Transparency is a pillar that we hold dear as we pride ourselves on being a company worthy of trust. With these certifications, we once again reaffirm our commitment to defend data privacy.”