Mingle Health: Compliance
We are proud of the work we have done to manage our risk and ensure that our policies and processes are effective at keeping our client data secure. Successfully completing the SOC 2 Type II audit highlights Mingle Health’s continued commitment to deliver best-in-class solutions and safeguards that protect and secure our clients’ data.
SOC 2 Type II
Mingle Health performs an annual SOC 2 Type II audit that is performed and delivered by CPA firm, KirkpatrickPrice. The audit specifically tests Mingle Health’s reporting controls that relate to security and confidentiality.
Mingle Health Enterprise Strengths Identified in SOC 2 Audit:
- Mingle Health has a thorough hiring process. The organization is very investigative in the people they hire. They have candidates meet with leadership at all levels of the organization during the interview process for cultural, operational, and security fit to the organization’s practice. This thoroughness has limited the amount of potential incidents and has provided the organization with a limited-sized but efficient staff.
- Mingle Health’s leadership strives to stay HIPAA compliant. The organization has taken great lengths to ensure they stay within HIPAA compliance from utilizing the vCISO to log every potential HIPAA disclosure breach. They even measure their Information Security Policy against the framework itself. At all levels, the organization is very knowledgeable and cautious on how they handle PHI and is very thorough when it comes to documentation.
- The organization performs weekly Nessus Scans. One of the reasons we were not able to find any findings on the IT level is due to the amount of vulnerability scanning that is done on internal systems. The frequency allows the organization to stay on top of issues at all times without letting any issues snowball into larger vulnerabilities, requiring more time to remediate.
A Qualified Partner Makes All the Difference
We value partnerships that encourage education, quality, and value-based outcomes. We want to create positive change for our clients, and we want that from our own third-party relationships. Our audit partner is no different.
KirkpatrickPrice is an information security auditing firm whose goal is to make sure its clients are secure and compliant with whatever industry standards or customer demands they are facing. They seek to partner with clients and empower them to reach challenging compliance goals.
KirkpatrickPrice’s auditors make all the difference. They have been CTOs, CISOs, CSOs, and more. They understand the pressures clients are under as well as how difficult it is to become and stay compliant. That’s why they want to make sure every audit is worth it.
KirkpatrickPrice has completed over 20,000 audits and security assessments for over 2,000 clients worldwide.
Additionally, KirkpatrickPrice holds certifications with the following organizations:
Choose a partnership that values security and compliance.
When you work with Mingle Health, you work with a partner that values:
Compliance | Data Security & Privacy | Quality Audits |
You want to work with a firm that understands and supports your security and compliance efforts. With Mingle Health, you can be sure you’ve chosen a partnership that will help you meet those goals. This means that parts of your own compliance have already been completed. | The Mingle Health infrastructure puts strong safeguards in place to help protect your data privacy. Protecting your data is our main priority, so we’ve taken all the necessary steps to design a program that values and protects your data security and privacy just as much as you do. | We’ve chosen an audit partner who provides quality testing and results we can trust. Not all audits are created equally, but by working with KirkpatrickPrice on our SOC 2 audit, we’re confident that the controls we have implemented are effective and compliant. |
Security and Compliance are Shared Responsibilities
Our system is designed to keep data safe. However, security is a two-way street, and we are both responsible for operating securely.
As a Mingle Health client you inherit all the best practices of our policies architecture, and operational processes built to satisfy the requirements of industry standards and best practices.
As a Mingle Health client, you are also responsible for the use and management of the system and the data added to it.
When these two elements work together properly, you can be confident in the security measures designed to protect your valuable data.
Compliance Results in Confidence
Audits are challenging, but we’re proud of the hard work we’ve done to earn compliance with SOC 2. We are committed to providing secure services, and these compliance efforts make us confident we’re doing what is necessary to make that happen.
SOC 2
This attestation provides evidence that Mingle Health has a strong commitment to security and to delivering high-quality services to our clients by demonstrating that they have the necessary internal controls and processes in place.