On Thursday, May 25, 2023, PlanYear achieved SOC 2 Type I compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18. Achieving this standard serves as third-party industry validation that PlanYear provides enterprise-level security for customers’ data secured in the PlanYear System.
Trust and transparency are core values at PlanYear. As a leader in the brokerage and employee benefits technology space, keeping our customers’ data safe and secure is of the utmost importance. We consider these audits essential in demonstrating both our commitment to security as well as our operational integrity.
The SOC 2 (Service Organization Control for Service Organizations) evaluates applicants in five categories within the Trust Services Criteria of the American Institute of Certified Public Accountants:
- Security - Verifying the system is protected against unauthorized access, use, or modification to meet the entity’s commitments and system requirements.
- Availability - Verifying the system is available for operation and use to meet the entity’s commitments and system requirements.
- Processing Integrity - Verifying the system processing is complete, valid, accurate, timely, and authorized to meet the entity’s commitments and system requirements.
- Confidentiality - Verifying that information designated as confidential is protected to meet the entity’s commitments and system requirements.
- Privacy - Verifying personal information is collected, used, retained, disclosed, and disposed to meet the entity’s commitments and system requirements.
PlanYear's attainment of SOC 2 Type 1 certification is just the beginning of our ongoing commitment to data security and privacy. The certification process provides a foundation for further improvements and the pursuit of SOC 2 Type 2 certification. Type 2 certification requires a more comprehensive evaluation of controls over an extended period, affirming the effectiveness and consistency of PlanYear's security practices.
In an era where data security is a top concern for organizations and individuals alike, PlanYear's SOC 2 Type 1 certification highlights our unwavering commitment to protecting client data. This achievement not only reinforces PlanYear's credibility and trustworthiness but also positions us as a leading provider of brokerage and employee benefits solutions. By prioritizing data security, PlanYear is poised to continue delivering exceptional service while ensuring the confidentiality, integrity, and availability of their clients' sensitive information.
Want to elevate your employee benefits experience? Schedule a demo of the PlanYear full-lifecycle benefits solution.
|
Request a demo of PlanYear to learn how to |
|
|
