Mersive Wireless Systems Are Now SOC 2 and SOC 3 Security Compliant
Mersive Technologies announced the company’s latest System and Organization Controls (SOC) 2 and SOC 3 reports, each stating that management of Mersive Technologies maintained effective controls over the security, confidentiality and availability of its wireless collaboration and sharing solution.
The company says the reports were issued by BARR Advisory, P.A., a global cybersecurity consulting and compliance attestation firm that has served as an advisor to hundreds of cloud-based and hybrid organizations aiming to build trust and resilience through cybersecurity compliance.
Mersive says the SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information. A SOC 3 report is similar in scope but is shorter and allows for more general distribution.
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act.