SOC 2 Type 2 Compliance: Vispa’s Commitment to Security

Written By Joshua Schlabach

We’re excited to announce that Vispa has officially achieved SOC 2 Type 2 compliance, marking a significant milestone in our ongoing commitment to data security, privacy, and operational excellence. Following our successful Type 1 audit, this new achievement validates not only the design of our security controls, but their consistent effectiveness over time. We appreciate the steady support of Genius GRC, whose guidance helped us reach this milestone. Their role in this process has been invaluable and continues to make a difference.

What SOC 2 Type 2 Means—and Why It Matters

Unlike the Type 1 audit, which evaluates controls at a single point in time, SOC 2 Type 2 focuses on how well those controls operate over an extended period. This provides clients with greater assurance that Vispa is not only equipped with the right systems, but that we’re using them reliably and effectively to protect their data every day.

Inside the Audit

Our audit was conducted by Insight Assurance, an independent third party, and reviewed our controls across the Security category of the AICPA’s Trust Services Criteria. To assess the operating effectiveness of our controls, auditors used a combination of testing methods:

  • Inquiry – Discussions with key team members, supported by management.

  • Observation – Direct observation of processes and control execution.

  • Inspection – Review of documentation and operational evidence.

  • Reperformance – Independent re-creation of control actions to confirm performance.

As part of the audit, Insight Assurance also reviewed how our systems operate within our AWS hosting environment, verifying that our infrastructure leverages AWS’s native security in tandem with our internal protocols.

SOC 2 compliance is a key milestone that demonstrates a company’s commitment to protecting sensitive data and maintaining the highest standards of security.

What This Means for Clients

For our clients, SOC 2 Type 2 compliance provides an even stronger level of assurance that data protection is embedded in our operations, not just in theory, but in daily practice. It affirms that Vispa continues to meet the highest standards of security and accountability in the healthcare technology space.

Looking Ahead

This milestone is just one step in our broader mission to create a secure, trustworthy platform that enables healthcare teams to thrive. We’ll continue investing in robust systems, proactive security measures, and a culture of compliance to ensure our clients’ confidence today and into the future.

Special thanks again to Genius GRC for their expert guidance throughout this process.

To learn more or request access to our latest compliance reports, visit trust.vispaflow.com.

Joshua Schlabach
Next

Vispa Achieves SOC 2 Compliance: A Commitment to Security and Transparency