Recently, we have dealt with our clients struggling with vendors in the vetting process. Particularly, tech vendors of any sort. Many vendors have written off the HIPAA compliance requirements by simply saying “We are SOC2 compliant so you don’t have to worry about anything”. Often that is said by sales and management folks with a great deal of confidence. After spending some time at a recent HITRUST meeting I heard just how many people shouldn’t be so confident when making that statement. As with anything else the devil is in the details. What does SOC2 mean and how can you tell if that really means anything to you? Trust but verify is the key to answering that question for yourself.

More info: HelpMeWithHIPAA.com/131