InsiteOne Successfully Completes SOC 2 Assessment

InsiteOne successfully completes a SOC 2 assessment to further our commitment to data security. At InsiteOne, we continually invest in security best practices to ensure that our client’s data stays safe and secure. As a part of an on-going effort, we are excited to announce that we’ve successfully completed our SOC 2 report.   

The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. “InsiteOne’sSOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”  Said David Cook, CEO of InsiteOne. 

What is a SOC 2 report and what does it mean for InsiteOne?  In this article, we will walk you through the ins and outs of a SOC 2 report and how the report symbolizes trust to our clients. 

What is SOC 2 report?

A SOC 2 report  addresses risks associated with the handling and access of data, and can be used by a variety of organizations of any size (e.g. SaaS, colocation, data hosting, etc.) Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organization implements and manages controls to mitigate the identified risks to the different parts of an organization. 
 

The SOC 2 audit testing framework is based off of the Trust Services Criteria (TSC), which are used to identify various risks (points of focus) an organization should consider addressing. Based on the TSCs the organization selects to be in-scope, the third-party compliance and audit firm (in our case, A-LIGN) evaluates whether the organization has the appropriate policies, procedures and controls in place to manage the identified risks effectively. 

There are five Trust Services Criteria. The first criteria, Security, must be included with every SOC 2 report and is referred as the “Common Criteria”.  The remaining four are optional to include: 

  1. Security (required) 
  1. Availability (optional) 
  1. Processing Integrity (optional) 
  1. Confidentiality (optional) 
  1. Privacy (optional) 
     

In order to pass a SOC 2 examination and receive a letter of attestation successfully, it means an organization is addressing controls in areas such as information security, access control, vendor management, system backup, business continuity and disaster relief, and more.    

Who should get a SOC 2 Examination?

Organizations of all sizes and industries can benefit from a SOC 2 Examination, as the audit can be performed for any organization that provides a variety of services to its customers. A SOC 2 report highlights the controls in place that protect and secure an organization’s system or services used by its customers. The scope of a SOC 2 Examination extends beyond the systems that have a financial impact, reaching all systems and tools used in support of the organization’s system or services.  

Why do I need a SOC 2? 

Today, many organizations outsource their business operations and services to third-party vendors, possibly putting client data at risk.  For this reason, organizations request that their vendors achieve SOC 2 compliance to demonstrate rigorous IT security standards.  Some additional reasons to consider a SOC 2 report for your organization include: 

  1. Clients will most likely request a SOC 2 sooner or later.   
  1. SOC 2 can bring a competitive advantage to your business. 
  1. Enhanced information security practice.  
  1. SOC 2 helps you gain customer trust. 
  1. Ensure your employees understand best practices.  

Know your data is safe and secure with InsiteOne 

InsiteOne will make the SOC 2 report available to current or potential customers upon execution of a non-disclosure agreement.  We hope the steps we have taken help you and your IT teams remain confident in knowing that your data is secure with InsiteOne.  To learn more about our security policies and initiatives, please contact Chris Platt at [email protected]     

About InsiteOne

InsiteOne develops innovative solutions that address the complex storage and workflow needs of the healthcare industry. For over 20+ years, InsiteOne has helped healthcare organizations grow and adapt as digitization evolved by providing world-class storage infrastructure and disaster recovery solutions.  Most recently, InsiteOne completed the acquisition of BRIT Systems cloud native RIS/PACS/VNA to round out our ecosystem of solutions and provide comprehensive workflow solutions for radiology, teleradiology, and other imaging specialties.  As a managed services provider, we protect over forty billion clinical objects daily, and have earned our partners trust for over two decades to keep their data safe, secure, and always available. 

Are you ready to undergo a SOC 2 audit?  Check out A-LIGN’s SOC 2 Readiness Checklist to learn how close your organization is to reaching its potential.  

About A-LIGN

A-LIGN is the only end-to-end cybersecurity compliance solutions provider with readiness to report compliance automation software paired with professional audit services, trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider holistic approach as a licensed CPA firm to SOC 1 and SOC 2 Audit services, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HITRUST CSF Assessor firm, accredited FedRAMP 3PAO, authorized CMMC C3PAO, PCI Qualified Security Assessor Company, and PCI SSC registered Secure Software Assessor Company. Working with growing businesses to global enterprises, A-LIGN’s experts and its compliance automation platform, A-SCEND, are transforming the compliance experience. For more information, visit www.A-LIGN.com

InsiteOne​ is Acquiring BRIT Systems Cloud Native RIS/PACS/VNA

InsiteOne will continue to develop and support BRIT Systems RIS/PACS while building new solutions that address key needs in radiology and enterprise workflows. 

Press Release

Wallingford, CT — ​11/21/2023​ InsiteOne, an original founder of true cloud-based Vendor Neutral Archive (VNA) solutions and pioneer in clinical image management, announces they are acquiring BRIT Systems. “Today marks an important milestone in InsiteOne’s 20+ year journey to deliver advanced radiology workflow and Enterprise Imaging solutions. InsiteOne is delighted to add BRIT System’s world-class cloud native RIS/PACS/VNA to our portfolio, allowing us to deliver solutions that address the unique needs of the healthcare market. We are thrilled to welcome BRIT’s loyal customers to our family and look forward to sharing our next generation of solutions,” said David Cook, CEO of InsiteOne.

BRIT Systems Roentgen Works RIS/PACS/VNA provides InsiteOne a true multi-tenant platform to advance imaging workflows. InsiteOne continues to focus on developing cost-effective solutions that improve operational productivity while enhancing patient care.   

“BRIT Systems has always delivered world-class solutions to the radiology industry since 1993, providing extensive flexibility, customization, and feature-rich tools that improve imaging operations. Roentgen Works is easy to use, fast to deploy, and saves customers valuable time and money. We are excited to join InsiteOne, as we share a similar passion to provide world class solutions and exceptional customer support,” said Kyle Boyd, VP BRIT Systems.

About InsiteOne

InsiteOne develops innovative solutions that address the complex storage needs of the healthcare industry. For over 20+ years, InsiteOne has helped healthcare organizations grow and adapt as digitization evolved by providing world-class storage infrastructure and disaster recovery solutions. Protecting around forty billion clinical objects daily, InsiteOne’s partners trust us to keep their data safe, secure, and always available.

About BRIT Systems

BRIT Systems provides custom, cloud-native turn-key solutions for PACS, RIS, teleradiology and digital reporting. Founded in 1993, BRIT designs and deploys innovative RIS/PACS solutions to meet the unique needs of medical imaging workflow in hospitals, radiology groups, and imaging centers. BRIT was acquired by Imaging Advantage in 2014 and then in 2017, Envision Healthcare acquired Imaging Advantage.

Join us at RSNA 2023 in Chicago, IL from November 26th-29th in the South Hall, Booth #4007 to learn more.

To learn more visit: www.insiteone.com or www.brit.com

Media Contact

Doug Rufer – Director of Marketing and Sales 

Doug.Rufer@IinsiteOne.com