PlanYear Achieves SOC 2 Compliance

PlanYear Achieves SOC Compliance

On Thursday, May 25, 2023, PlanYear achieved SOC 2 Type I compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18. Achieving this standard serves as third-party industry validation that PlanYear provides enterprise-level security for customers’ data secured in the PlanYear System.

Trust and transparency are core values at PlanYear. As a leader in the brokerage and employee benefits technology space, keeping our customers’ data safe and secure is of the utmost importance. We consider these audits essential in demonstrating both our commitment to security as well as our operational integrity.

The SOC 2 (Service Organization Control for Service Organizations) evaluates applicants in five categories within the Trust Services Criteria of the American Institute of Certified Public Accountants:

  • Security - Verifying the system is protected against unauthorized access, use, or modification to meet the entity’s commitments and system requirements.
  • Availability - Verifying the system is available for operation and use to meet the entity’s commitments and system requirements.
  • Processing Integrity - Verifying the system processing is complete, valid, accurate, timely, and authorized to meet the entity’s commitments and system requirements.
  • Confidentiality - Verifying that information designated as confidential is protected to meet the entity’s commitments and system requirements.
  • Privacy - Verifying personal information is collected, used, retained, disclosed, and disposed to meet the entity’s commitments and system requirements.

PlanYear's attainment of SOC 2 Type 1 certification is just the beginning of our ongoing commitment to data security and privacy. The certification process provides a foundation for further improvements and the pursuit of SOC 2 Type 2 certification. Type 2 certification requires a more comprehensive evaluation of controls over an extended period, affirming the effectiveness and consistency of PlanYear's security practices.

In an era where data security is a top concern for organizations and individuals alike, PlanYear's SOC 2 Type 1 certification highlights our unwavering commitment to protecting client data. This achievement not only reinforces PlanYear's credibility and trustworthiness but also positions us as a leading provider of brokerage and employee benefits solutions. By prioritizing data security, PlanYear is poised to continue delivering exceptional service while ensuring the confidentiality, integrity, and availability of their clients' sensitive information.

Want to elevate your employee benefits experience? Schedule a demo of the PlanYear full-lifecycle benefits solution.

 

Request a demo of PlanYear to learn how to
elevate the employee benefits experience:

 

 

 

 

 

Posted by Molly Presson

Molly Presson brings 10 years of experience in benefits and health tech to her role as VP of Commercial at PlanYear. A strategic leader with a passion for solving complex challenges, Molly has a proven track record of driving growth and innovation in high-performance teams. Prior to joining PlanYear, she held senior positions at several leading benefits innovators such as Omada Health. Her customer-centric approach and deep industry knowledge make her a valuable asset in PlanYear's mission to drive efficiency for brokerage firms while elevating the client experience.

LinkedIn