PALO ALTO, Calif., June 24, 2021 /PRNewswire/ -- Health Gorilla, a leader in clinical data APIs, announced today its successful completion of the Service Organization Control (SOC) 2 Type 2 certification with HIPAA/HITECH requirements, which ensures compliance with the leading industry standards for managing enterprise data.

SOC 2 Type 2 certification is an expansion on the SOC 2 Type 1 certification Health Gorilla already had in place. The SOC 2 Type 2 report is an attestation of controls at a service organization over a minimum six-month period and reports on the description of controls provided by the management of the service organization, attests that the controls are suitably designed and implemented, and attests to the operating effectiveness of the controls.

Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, by ensuring the personal assets of their potential and existing customers are protected. SOC2 reports are conducted by independent auditors, who measure the availability, security, and integrity of an organization's unique data processing systems, and ultimately determine whether effective safeguards and controls are in place.

The independent examination, conducted by leading cybersecurity assessment firm A-LIGN, validates that Health Gorilla's security practices and controls meet the Trust Services Principles and Criteria for security, availability, and privacy over an extended period of time.

"Protecting our customers' data is our top priority. The successful completion of the SOC 2 Type 2 certification is yet another example of Health Gorilla's commitment to providing the healthcare ecosystem with an advanced, innovative, and secure interoperability platform," said Steve Yaskin, Chief Executive Officer and Co-Founder. "Earning the SOC 2 certification attests that Health Gorilla is committed to protecting patient data against unauthorized access and assures our customers that cybersecurity, access controls, and data governance are key components of Health Gorilla's full suite of clinical data services."

About Health Gorilla

Founded in 2014, Health Gorilla is a secure interoperability solution that enables the entire health care ecosystem – patients, payers, providers, digital health solutions, and labs – to seamlessly share health data and aggregate each patient's full clinical history in one place. With enterprise-grade clinical data APIs, HIPAA-compliant user authentication, and an unparalleled master patient index, the Health Gorilla network makes it easy for providers to pull their patient's information from any clinical records system. Headquartered in Silicon Valley, Health Gorilla works with health care organizations around the world, helping them gather the clinical data they need to deliver the best and most appropriate care for their patients. For more information, visit healthgorilla.com or follow us on Twitter @HealthGorilla .

About A-LIGN

A-LIGN uniquely delivers a single-provider approach as a HITRUST CSF Assessor firm, Qualified Security Assessor Company, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, accredited FedRAMP 3PAO, accredited CMMC C3PAO and licensed CPA firm. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. For more information, visit www.A-LIGN.com.

