Today’s technology leaders are charged with securing and protecting the customer, employee, and intellectual property data of their companies in an environment of increasingly complex security threats. Companies are also responsible for complying with all applicable laws, including those related to data privacy and transmission of personal data, even when a service provider holds and processes a company’s data on its behalf.

DadeSystems maintains a formal and comprehensive security program designed to ensure the security and integrity of customer data, protect against security threats or data breaches, and prevent unauthorized access to our customers’ data. The specifics of our security program are detailed in our third-party security audits and international certifications.

To help your compliance and legal teams understand and validate the compliance requirements for your organization, we’ve gathered the following compliance resources.

Third-Party Audits and Certifications

SOC Compliance

SOC 1

Service Organization Controls (SOC 1) reports provide information about a service organization’s control environment that may be relevant to the customer’s internal controls over financial reporting.

Our SOC 1 Type II report is issued in accordance with Statements on Standards of Attestation Engagements (SSAE) No. 18 (Reporting on Controls at a Service Organization) and the International Standard on Assurance Engagements (ISAE) 3402 (Assurance Reports on Controls at a Service Organization). The SOC 1 report, covering the design and operating effectiveness of controls relevant to DadeSystems’ applications, is issued annually and covers the twelve-month period of October 1 through September 30.

SOC Compliance

SOC 2

The DadeSystems SOC 2 Type II report is an independent assessment of our control environment performed by a third party.

The SOC 2 report is based on the AICPA’s Trust Services Criteria and is issued annually in accordance with the AICPA’s AT Section 101 (Attest Engagements). The report covers the 12-month period of October 1 through September 30, and details the design and operating effectiveness of controls relevant to any system containing customer data as part of the DadeSystems’ Applications. The DadeSystems SOC 2 report addresses all of the Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, and Privacy).

HIPAA

HIPAA

DadeSystems has completed a Health Insurance Portability and Accountability Act (HIPAA) third-party attestation for DadeSystems enterprise cloud applications, which provides assurance that DadeSystems has a HIPAA-compliance program with adequate measures for saving, accessing, and sharing individual medical and personal information.

DadeSystems will sign business associate agreements (BAAs) with our customers when requested. These agreements ensure that our customers are able to meet their HIPAA and Health Information Technology for Economic and Clinical Health Act (HITECH) compliance requirements.

CCPA

CCPA

DadeSystems has completed a California Consumer Protection Act (CCPA) assessment for DadeSystems’ applications, which provides assurance that DadeSystems has a CCPA compliance program with adequate measures for safeguarding and using personal information.

DadeSystems will sign service provider agreements with our customers when requested. These agreements ensure that our customers are able to meet their CCPA compliance requirements.