CoSo Cloud Gains Patient Data Protection Certification for Private Cloud

 CoSo Cloud LLC, a  private cloud managed services provider for secure virtual classroom training and web conferencing, has received Service Organization Control 2, Type II (SOC 2) + The HITRUST Alliance (HITRUST) certification, which demonstrates the company’s ability to fully protect patient and other sensitive, personally identifiable information (PII) in accordance with the Health Insurance Portability and Accountability Act’s (HIPAA) privacy and security provisions.

SOC 2 guidelines were created to provide an authoritative benchmark for proper control procedures and practices, while the HITRUST Common Security Framework provides requirements for creating, accessing, storing or exchanging personal health and financial information in a secure and transparent manner. By achieving SOC 2 + HITRUST compliance, CoSo Cloud demonstrates that third-party auditors have verified its implementation of best practices with respect to security in terms of physical infrastructure, the software that it uses, the personnel involved in governance, both automated and manual processes used, and data.

CoSo Cloud received its original validation of SOC 2, Type 2 in January 2017. With this new expanded certification of SOC 2 + HITRUST, CoSo customers in the healthcare and pharmaceutical industries can conduct high-consequence virtual training and meetings safely and securely, knowing the CoSo Secure Private Cloud meets HIPAA regulatory compliance requirements.

“Achieving the SOC 2 + HITRUST certification, added with our existing FedRAMP ATO certification for federal government, means highly sensitive data for all industries is protected and securely stored in Adobe Connect meeting rooms within CoSo Cloud global data centers,” said Blake Loring, lead security engineer, CoSo Cloud. “IT security teams are becoming increasingly aware of the risks and costs of generic unified communications systems on shared public clouds used for business. Enterprises turn to CoSo when security, compliance and reliability cannot be compromised for virtual training and high consequence web meetings.”

The company said it will continue to perform SOC 2 examinations on an annual basis with a licensed CPA firm.