Austin, TX, December 12, 2020:
EqualizeRCM, a leader in helping healthcare providers maximize their reimbursement, today announced that it has recently completed its Service Organization Controls (SSAE 18 / SOC 1 Type II) certification for the sixth year in a row. A licensed CPA and independent auditing firm conducted the examination under Statement on Standards for Attestation Engagements No. 18, Reporting on Controls at a Service Organization (AICPA, Professional Standards, AT sec. 801).
Because most of our customers rely on our systems to process, transmit or store sensitive data, EqualizeRCM takes considerable care in designing its systems for the highest levels of security, reliability and scalability. That also includes developing a comprehensive set of security policies and procedures to keep our customers’ data protected and safe. This also helps to further mitigate risks and ensure that the sensitive data we handle is highly secured.
With the COVID-19 pandemic, EqualizeRCM, like other companies had to exercise its business continuity plan – operating with large numbers of remote employees. This year’s audit scope analyzed the controls in place over an extensive twelve-month period during 2019-20 and involved work from home user settings along with all departments; e.g., operations, finance, human resources, compliance, quality, information technology, software development, organization and administration.
A thorough and holistic security risk assessment helped EqualizeRCM manage an effective business continuity program. EqualizeRCM applied its robust security controls and encryption protocols to protect confidential and sensitive information used by remote working employees. These were further supplemented by a regular set of compliance and security audits for all work from home users.
These controls, policies and procedures helped EqualizeRCM qualify for the SOC 1 Type II recertification, from the licensed CPA and independent auditing firm, for the sixth year in a row. EqualizeRCM intends to continue this annual recertification examination conducted by a licensed CPA and independent auditing firm.
|SSAE 18 / SOC 1 is designated by the U.S. Securities and Exchange Commission (SEC) as an acceptable method for a user entity’s management to obtain assurance about service organization internal controls without conducting additional assessments. The Health Insurance Profitability and Accountability Act (HIPAA) requires corporations to audit the internal controls of their suppliers, including those that provide technology services. In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SSAE 18 reports even more important to the process of reporting on effective internal controls by public companies.|