Decisions, a leading process automation platform that orchestrates business rules, workflows, and artificial intelligence, proudly announced its attainment of System and Organization Controls (SOC) Type 2 + HIPAA certification. This achievement stands as a testament to Decisions' unwavering dedication to the highest standards of data security and privacy for its customers and the HIPAA certification demonstrates Decisions' compliance with the HIPAA Security Rule requirements (Sections 154.308-316), where those requirements are applicable.

The SOC2 Type 2 certification validates Decisions' adherence to industry-recognized standards in security, availability, processing integrity, confidentiality, and privacy. The certification process, overseen by the reputable professional services firm, Moss Adams, involved a comprehensive evaluation of Decisions' policies and practices, affirming the company's commitment to continuously improve its data security measures.

The collaborative efforts of various departments, including Security and Compliance, HR, CloudOps, QA, System Administrators, and Development teams, ensured seamless alignment with the trust services criteria and security requirements set forth by SOC2 and HIPAA.

Alongside the SOC2 Type 2 certification, Decisions was also recertified in June 2023 for the Payment Card Industry Data Security Standard (PCI DSS). These certifications exemplify Decisions' dedication to maintaining the highest levels of security and compliance across its operations.

Pravash Mukherjee, the Decisions Director of Technology and Delivery, remarked, "Through this critical milestone, customers can rest assured that at Decisions, we consistently adhere to and enhance policies and practices to assure their data and sensitive information remains safe and protected. Achieving this certification ahead of schedule reflects our dedication to prioritizing data security and privacy without compromising our commitment to excellence."

Customers and partners can expect a heightened level of confidence when working with Decisions, knowing that the company's commitment to data security and privacy is reinforced by the SOC2 Type 2 + HIPAA and PCI DSS certifications. With these certifications, Decisions continues to be a reliable and trustworthy partner for businesses navigating the complexities of the digital landscape.

Looking ahead, Decisions remains committed to upholding SOC2 Type 2 compliance standards and enhancing its security posture and compliance measures. Future initiatives include introducing a platform for dark web scans of Decisions employees, enhancing monitoring of company assets, and implementing automation for gathering compliance evidence.