The Logic Group is committed to ensuring the highest security and operational standards in both our corporate practices and in the networks we maintain for clients. Listed below are areas of compliance that may apply to your business or organization and how The Logic Group holds each. If you have any questions regarding the following information and how it applies to your organization, please let us know.
SOC 2 Audit
The SOC 2 audit and ensuing report is a rigorous examination of an organization’s controls against criteria established by the American Institute of Certified Public Accountants. The report examines disclosed control activities and processes, and only organizations committed to the highest level of security and confidentiality for their users seek a SOC 2 report. The Logic Group has received its SOC 2. Some have confused the SOC 2 with the SAS 70 or the SSAE 16. However, the framework established previously under the SAS 70 audit standards allowed an organization to disclose its security controls with an independent audit opinion to verify the operating effectiveness of those controls over a specific period of time. The SOC 2 goes a step further by not only verifying that these controls are in place, but also by providing a standard by which similar service organizations can be evaluated using the same criteria. The benefit to The Logic Group’s customers is that they have a mechanism to review and evaluate The Logic Group’s controls related to security and confidentiality through the filter of a certified, independent professional. With the advent of the SOC 2 audit, there is now a standard in place by which similar organizations can be compared — this adds a great deal of accountability to provide the products and services that have been promised. The Logic Group’s customers can be assured that measures have been taken to protect and secure their data and systems which meet the highest industry standards.
The Payment Card Industry Data Security Standards (PCI DSS) are a set of requirements and multiple sub-requirements against which a business may evaluate its policies and procedures regarding payment cards. The degree to which a company’s procedures, guidelines and policies align with the PCI DSS is the degree to which they are “PCI compliant.” In an effort to safeguard client information while utilizing a shared/cloud-based infrastructure, The Logic Group, Inc. maintains a PCI-compliant infrastructure and securely supports anyone wishing to maintain the highest level of PCI compliance. Further credentials and materials can be provided upon request.
The Health Insurance Portability and Accountability Act (HIPAA) regulations exist to ensure patient privacy remains at the core of responsible practices’ priorities. The responsibility for cohesive HIPAA compliance rests on the practice. However, practices often ask if The Logic Group is HIPAA compliant. The Logic Group’s cloud infrastructure has all the requirements to support a medical practice’s best attempts at HIPAA compliance. However, if a practice considers a move to a hosted EMR or outsourcing information technology, there will be additional compliance matters to address. The Logic Group can conduct a thorough assessment and provide specific, ground-level HIPAA recommendations.