Liveoak receives SOC 2 Type 2 and HIPAA Security Rule Compliant certifications
Our team here at Liveoak is pleased to announce that we have received the SOC 2 Type 2 certification from the American Institute of CPAs (AICPA) and the HIPAA Security Rule Compliant certification.
What does the SOC 2 Type 2 certification mean?
SOC stands for “system and organization controls,” and the controls are a series of standards designed to help measure how well a given service organization conducts and regulates its information. The purpose of SOC standards is to provide confidence and peace of mind for organizations when they engage third-party vendors. A SOC-certified organization has been audited by an independent certified public accountant who determined the firm has the appropriate SOC safeguards and procedures in place.
More specifically, SOC 2 is designed for service providers storing customer data in the cloud. It requires companies to establish and follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of customer data. Learn more about our specific SOC2 Certification Process here.
What does the HIPAA Security Rule Compliant Certification mean?
The Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI (protected health information).
Specifically, covered entities must:
- Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit;
- Identify and protect against reasonably anticipated threats to the security or integrity of the information;
- Protect against reasonably anticipated, impermissible uses or disclosures; and
- Ensure compliance by their workforce
Liveoak’s Virtual Interactions™ is a Software-as-a-Service platform that enables enterprises and their customers to virtually complete and sign complex paperwork, applications and multi-step workflows.
When we reference complex paperwork and applications, we are not referring to a simple form that can be completed by a customer on their own. We are referring to complicated applications and paperwork that require explanation and guidance.
Multi-step workflows typically include completing and signing paperwork in addition to providing one or more pieces of supplemental documentation. Examples include:
- verifying government-issued identification (driver’s license, ID card or passport)
- providing supplemental documentation such as a utility bill
- obtaining wet signatures
- capturing a photo of the client
Prior to Liveoak, these types of customer interactions were done in person, face-to-face. Now, these processes can be done remotely through Liveoak’s Virtual Interactions™ platform.
While completing applications and paperwork (for banking, insurance and financial accounts), customers are often required to provide personal information and sensitive data. Be assured that Liveoak is dedicated to providing a safe and secure environment for sensitive data and personal information. The SOC 2 Type 2 and HIPAA Security Rule Compliant certifications confirm that we are always taking the necessary steps to provide data protection and security.