Today, Hum is proud to announce that we have successfully completed a System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba San Filippo, LLP (SSF).
SOC 2 specifies how personal customer information and data of any kind should be managed to remain secure. This certification reinforced Hum's commitment to protecting clients and prioritizing exceptional data security practices.
The SOC 2 information security standard is an audit report on the examination of controls relevant to the trust services criteria categories covering security, availability, processing integrity, confidentiality and privacy. A SOC 2 Type II report describes a service organization's systems and whether the design of specified controls meets the relevant trust services categories, and assesses the effectiveness of those controls over a specified period of time.
Hum’s SOC 2 Type II report did not have any noted exceptions and therefore was issued with a “clean” audit opinion from SSF.
What Is The SOC 2 Certification?
The Service Organization Control (SOC 2) Certification is a framework created by the American Institute of CPAs (AICPA). It is an in-depth external audit that scrutinizes a company's information systems to ensure they meet the AICPA’s five principles of trust:
- Security - Information systems are secured against unauthorized access, compromises, and damage that could affect the entity’s ability to meet compliance.
- Confidentiality - All information is confidential to meet entity objectives.
- Availability - I.T. protections are in place to meet the entity’s objectives.
- Processing integrity - The integrity of the protection is timely, valid, and complete.
- Privacy - All information that could be considered sensitive, private, or personal is collected, retained, disclosed, and disposed of based on the entity’s objectives.
With this important compliance step, Hum joins companies like Microsoft and Amazon, who have obtained the SOC 2 to prove their dedication to protecting their customer data.
Data security has been a top priority and core value for Hum since day 1, so we are very proud to have achieved the demanding standards of this accreditation. It confirms to current and future clients in the scholarly publishing, professional publishing, and association spaces that Hum manages their reader and member data with the utmost care.
We remain committed to meeting the gold standard for privacy and data integrity. If you're interested in learning more about how Hum CDP keeps data safe, you can access our data protection and compliance documentation at any time.