Industry News Archives

Strategies for Managing Genetic and Molecular Test Preauthorization

Posted on September 13, 2017October 12, 2021

In the world before molecular diagnostic CPT codes and payer required prior-authorization, labs could develop, validate, and immediately go to market with a new test. Labs focused their accession workflows on delivering rapid turnaround times and deferring reimbursement efforts until after test results were reported. Today, many payers require pre-test authorization for genetic and molecular tests. Using third party online utilization management programs, payers are able to enforce pre-testing requirements. To secure reimbursement, labs will need to determine how best to integrate prior authorization into their accession and revenue cycle workflows.

Know Your Payer Requirements.

When it comes to preauthorization, it is important to know what your payers require. Some prior authorization programs may require test registration and/or genetic counseling and may limit or discontinue retro-authorization options. The latest payers to adopt such programs are Anthem Blue Cross and UnitedHealthcare.

Define Your Lab’s Financial Goals.

Before you can determine the best strategy for managing pre-test authorization, you need to define your lab’s financial goals and establish your lab’s identity, including the willingness to trade reimbursement for market share and volume. Start by analyzing your historic revenue data. Analytics will help you understand and anticipate what the new pre-test requirements will cost your lab. A good revenue cycle system can help you identify which of your tests, patient populations, providers, and payers perform best financially and which do not. Investigate under-performing product-market segments. Is it a volume issue, a cost issue, or both? Are the right tests being ordered and performed? Engage in a low-cost, high-impact educational campaign targeting providers and patients as well as your own sales team and back-office support.

To Test or Not To Test – Things to Consider.

When you are sure the right tests are being properly ordered, you need to decide whether or not your lab should perform the tests. Delivering rapid turnaround in the midst of rigorous payer pre-test requirements adds complexity and cost to your lab’s operations. What level of calculated risk to reimbursement is your lab willing to accept in order to maintain market share and deliver rapid turnaround? Here are some things to consider during your decision-making process.

With certain exceptions, Medicare defines Date of Service (DOS) as the date the specimen is collected, making it virtually impossible for the laboratory to obtain prior authorization after the specimen has been received. Some commercial and Medicare Advantage plans may allow the DOS to be the date the test report is signed. It is in the lab’s best interest to have all pre-test requirements before starting the test. Pre-test requirements include not only payer prior authorization, but also basic coverage determination. In the event the test is not a covered benefit, the payer may require patient consent through the use of an Advance Beneficiary Notice (ABN) form in order to bill for the test. How will the need for prior authorization and ABN impact your accession process? Consider deploying a client-facing ordering portal that will include the payer pre-test requirements so that the ordering physician has the necessary information at the time of ordering.
Another strategy is to revisit your payer contracts. If during payer negotiations your lab cannot eliminate a payer’s requirement for prior authorization, then you may want to attempt to negotiate the terms. Some labs have been successful in negotiating a 2-week window from specimen collection in which to secure pre-test requirements. If granted, it would be the lab’s decision whether or not to go to testing during this time, tailoring accession operations based on product-market segment performance. Specimens from high-performing segments would move to testing immediately, while specimens from other segments could be held until all pre-testing requirements are met.
Consider the demands of proper specimen handling. Many biological specimens (blood, urine, bone marrow) do not have long viability. Define your lab’s specimen handling requirements to ensure the integrity of your test results. Identify these procedures and protocols in your negotiations with payers stating the adverse effects of testing delays. Plan for these operations in your accession workflow strategies.

Choose Your Next Move.

The choices you make for how your lab moves forward in the midst of today’s rigorous pre-testing requirements depends on your lab’s ability to optimize its revenue cycle while delivering quality test results. Achieve operational success and maximize reimbursement efforts by understanding the payer’s requirements and then deploying an optimized, prioritized workflow.

Business Continuity for Your Revenue Cycle – Are You Prepared?

Posted on August 31, 2017October 12, 2021

Witnessing the aftermath of Hurricane Harvey, businesses are reminded that disaster can strike at any time. Being prepared is critical. For healthcare organizations, the rigors of contingency planning are on-going. Whether a catastrophic event or a localized outage, an interruption in your organization’s operations can be costly, compromising performance, productivity, and cash flow.

Achieving a state of preparedness, business continuity planning considers contingencies to create the options and ensure their reliable availability during and after an event. Effective healthcare IT business continuity planning protects against the inability to access critical data, an interruption in communications, or technology downtime due to an infrastructure failure. Consider all possible risks—natural disaster, power outage, hardware or network failure—analyzing the likelihood of occurrence and its impact on your operations. Determine, document, and regularly test your mitigation strategy and recovery procedures.

To help you get started, The Office of the National Coordinator for Health Information Technology has published the Safety Assurance Factors for EHR Resilience (SAFER) guide complete with self-assessment contingency planning checklists, recommended practice worksheets, and additional resources and references.

Business continuity planning in healthcare is more than just good business, it’s the law. Mandatory under the Health Insurance Portability and Accountability Act (HIPAA), The Department of Health and Human Services (HHS) requires that organizations have a “comprehensive testing and monitoring strategy in place to prevent and manage downtime events.” This mandate, as part of HIPAA’s Security Rule, requires technology and protocols to back up data, be able to rapidly restore data and continue operating in “emergency mode” after an event. For more information, visit Summary of the HIPAA Security Rule and Guidance on Risk Analysis on the HHS website.

When developing and testing your business continuity plan, be sure to assess the preparedness of your service and software vendors, including RCM systems and support in your assessment. Your cash flow is critical to your organization and should not be overlooked.

At Quadax, we are committed to security, privacy and compliance; investing heavily to protect our clients’ data as well as our own, with infrastructure designed for optimal business continuity, risk mitigation, disaster recovery, and HIPAA and HITECH compliance. With robust data centers, we have the redundancy to supply our clients a high level of uptime. To further enhance our effectiveness, Quadax recently installed a 500-kilowatt, 850-gallon diesel-powered generator at our main office. The generator, capable of supplying full power to maintain 100% of our operations at Quadax’s main office, provides our staff with reliable uptime so they can deliver dependable service and support to our clients. Learn more about RCM solutions powered by Quadax.

RAC Audits and What They Mean for Healthcare Providers

Posted on August 3, 2017October 12, 2021

A legacy of the Medicare Modernization Act of 2003 and mandated by the Tax Relief and Health Care Act of 2006, the Recovery Audit Contractor (RAC) program recovers hundreds of millions of dollars for the Medicare Trust. Designed to identify and correct improper Medicare payments made to providers, RAC audits can cost healthcare providers time and money.

In their 2016 annual report, the Medicare Trust predicted the fund behind Medicare Part A, at the current rate of spending, is due for depletion in 2028.* Concern about this potential insolvency combined with RACs increasing ability to harness the power of big data has led to an enormous increase in RAC audits and their subsequent appeals during the last several years.

The Government Accountability Office (GAO) issued a report in June 2016 stating that there had been a 936% increase in appeals at CMS (Centers for Medicare & Medicaid), which ultimately led to a severe backlog in the appeals process and mounting criticism. In a recent court order, Health and Human Services (HHS) has been mandated to fix the Medicare appeals backlog by the end of 2020 and to meet annual backlog reduction goals during the interim.* While efforts to reduce the case backlog are underway, the RAC program continues to generate new RAC audits. RAC audits are not going away. *Since publication, the appellate court on Friday, August 11, 2017 overturned the recent district court ruling which ordered HHS to clear the Medicare reimbursement appeals backlog by 2020 stating that the order was “an error of law” and “an abuse of discretion.”

How do RAC audits play out for providers?

First, the provider gets a hardcopy letter notifying them of the audit. The contractor will then carry out one of two types of reviews: complex or automated. Complex audits must be done manually and typically involve a Manual Records Request / ADR letter. Automated RAC claim reviews do not require manual input, using powerful algorithms that can potentially land any given provider with fee-for-service Medicare claims in a stressful situation.

A big audit has the potential to cause a lot of damage, especially to smaller providers that may not have the cash to pay the amount indicated by the audit before appealing it. If a provider doesn’t pay the amount right away, it will start gaining interest at a very high percentage (ca. 10-12%). If that provider neglects to pay with the intent to appeal, and then loses the appeal, they will have to pay for the owed amount revealed in the audit as well as the interest accrued. On the other hand, if a provider pays right away, appeals the audit, then wins the appeal, CMS will reimburse the amount with interest. However, considering the current state of CMS’s appeals backlog, this decision is not always an easy one to make.

What can providers do to stay vigilant regarding RAC audits?

Fortunately, there are many steps providers can take to ensure that potential RAC audits don’t lead to any unpleasant surprises.

Stay informed

The CMS website is a good place to start along with the CMS’s three official auditing partners: Performant Recovery, Inc. (Region 1 and 5), Cotiviti, LLC (Region 2 and 3), and HMS Federal Solutions (Region 4). Each of these organizations offers information aimed at preparing providers for a RAC audit.

In addition to Medicare-sponsored resources, there are plenty of industry publications that regularly report on RAC audits and offer RAC-focused articles, blog posts, webinars, and other useful content. To name a few: Becker’s Hospital Review, RACmonitor, HME Business, For the Record Magazine, the American Medical Association, the American Hospital Association, and more.

Make sure your RCM partner uses RAC-specific edits

The best protection is prevention. Healthcare providers of considerable size often elect to partner with Revenue Cycle Management (RCM) organizations to manage everything from claim scrubbing, to bill collection, to appeals management. The best solutions out there will help you stay a step ahead of potential audits by automatically scrubbing your Medicare claims to make sure they are CMS-compliant before you send them.

Take advantage of AHA’s RACTrac Survey with a compatible vendor.

Though RAC audits put providers on the defense, providers do have a voice in negotiations with lobbyists, lawmakers and RAC contractors: the American Hospital Association (AHA). One of the AHA’s initiatives is the RACTrac Survey, which collects data submitted by participating providers and compiles quarterly reports meant to “assess the impact [of] the Medicare Recovery Audit Contractor (RAC) program on providers”.

The survey can be time consuming. But if done with the help of an RCM vendor certified by the AHA to be compatible with the RACTrac survey, your claim data can be automatically imported in a matter of seconds.

As the frequency of RAC audits continues to increase, so does the likelihood that your company will one day face one. They can seem daunting. But with the proper preparation, even a RAC audit can be surprisingly doable.

(*) source: 2016 Annual Report of the Boards of Trustees of The Federal Hospital Insurance and Federal Supplementary Medical Insurance Trust Funds, Actuarial Analysis of Present Value, page 71.

FASB New Standard on Revenue Recognition – Are You Ready for ASC 606?

Posted on July 27, 2017June 29, 2020

With effective dates looming, ASC 606 implementation readiness is top of list for many executives. All entities that enter into contracts with customers will need to be prepared. Effective dates are set to begin after December 15, 2017 for public entities and after December 15, 2018 for nonpublic entities. The intent of the new Accounting Standards Update (ASU) No. 2014-09 is to establish a core principle for revenue recognition across all industries, both domestically and internationally, with converged guidance from the Financial Accounting Standards Board (FASB) and the International Accounting Standards Board (IASB).

Revenue, as a measure of performance, is used in comparative analysis, risk assessment, and other business venture due diligence. By making revenue recognition consistent, the new standards will help users of financial statements understand the nature, amount, timing, and uncertainty of revenue and cash flows arising from contracts with customers.

Health care providers should understand not only what rules are changing, but also how the updated standards may impact financial modeling and reporting. Detailed attention should be given to the rules’ impact on net patient service revenue given the variety of contractual arrangements present in this revenue stream. For help understanding ASC 606 unique impact on healthcare, The American Institute of CPAs (AICPA) Health care Entities Revenue Recognition Task Force is one of 16 industry task forces created to identify potential implementation issues and provide guidance.

By way of an overview of the New Standard on Revenue Recognition, please reference FASB ASC Topic 606 Fast Facts below. Another excellent resource for Healthcare Financial Management Association members is the article, Healthcare Revenue Recognition 5 Steps for Net Revenue Modeling and Reporting Considerations, published January 2017.

*FASB ASC Topic 606 FAST FACTS*
Who	All entities that enter into contracts with customers.
What	Financial Accounting Standards Board (FASB) New Standard on Revenue Recognition Accounting Standards Codification (ASC) Topic 606 (ASU 2014-09): Revenue from Contracts with Customers Core principle: recognize revenue to depict the transfer of promised goods or services to customers in an amount that reflects the consideration to which the entity expects to be entitled in exchange for those goods or services.
When	On 8/12/15, FASB decided to defer the effective date by one year. Public organizations should apply the new revenue standard to annual reporting periods beginning after December 15, 2017. Nonpublic organizations should apply the new revenue standard to annual reporting periods beginning after December 15, 2018.
Where	To help identify WHERE implementation challenges may be greatest for healthcare providers, please visit AICPA’s Health Care Entities Revenue Recognition Task Force landing page for implementation issue updates and guidance.
Why	Objective: Establish the principles to report useful information to users of financial statements about the nature, timing, and uncertainty of revenue from contracts with customers.
How	FASB ASC Topic 606 outlines for organizations the five steps to use to determine HOW to recognize revenue from customers.

Given healthcare’s variety of contractual arrangements with customers to provide services and goods (performance obligations), the numerous ways that entities are paid may make implementation a challenge. Add to that the industry’s transition to value-based reimbursement, and healthcare providers find themselves facing additional complexity when executing revenue recognition step #3, determining the transaction price.

Companies will need to choose which method they will use to comply with the new FASB standard. There are two transition methods: Full Retrospective and Modified Retrospective. Some companies may opt to restate sales for the required number of prior years, while other companies may choose the modified compliance approach, applying the new rules only to existing and future contracts as of the effective date. Regardless of which method chosen, a significant amount of dual reporting will be required—reporting both under the old Generally Accepted Accounting Principles (GAAP) and the new incorporating FASB ASC Topic 606.

Whether public or nonpublic, affected companies should begin preparing now for the adoption of the new requirements. Inventorying revenue streams—developing reporting formulas for every class or type of contract—and evaluating how revenue will be affected by the new rules is a great place start. ASC 606 countdown has begun!

Achieve Up to 23% Cleaner Claims With Your Epic Integration

Posted on July 13, 2017June 29, 2020

The selection of an Electronic Health Record (EHR) solution for your practice, clinic, hospital, or health system is one of the most important decisions a healthcare provider can make. The impact on how you provide clinical care is paramount; equally important is how an EHR enables the financial health of your organization. While EHR vendors assert their abilities to help you submit clean claims directly to payers, providers remain responsible to understand, maintain, and apply the necessary payer information to process claims correctly. Recognizing the complexities of healthcare payer billing, EHR vendors such as Epic have taken steps to allow direct integration with only select healthcare claims clearinghouses such as Xpeditor™ by Quadax. If you are an Epic Resolute customer, you have options.

Most Epic customers make a significant investment in developing workflows within Resolute to handle claim processing, claim follow-up, and denial management functions—Resolute’s Accelerated Claim Reconciliation (ACRD) module enables this functionality by providing third party systems the ability to influence the workflow’s running in Epic. To fully maximize this benefit, Resolute customers will want to consider engaging the expert, Epic selected clearinghouse Xpeditor™ for the creation and maintenance of payer rules—from Medical Necessity (LCD/NCD), Medically Unlikely Edits (MUE), Correct Coding Initiative (CCI), and Outpatient Code Editor (OCE) to the thousands upon thousands of government and commercial payer-specific rules. Attempting to manage this task in-house can be difficult and the risks are high should there be issues.

Maximizing your Epic investment without compromising your claim efficiency is the reason Epic customers choose Quadax and our Xpeditor™ Host Interface Module (HIM). Xpeditor HIM provides seamless, real-time integration with Epic Resolute’s Accelerated Claim Reconciliation (ACRD) and Claim Reconciliation (CRD) modules. Claims that require intervention are processed with immediate feedback to Resolute to expedite correction efforts using Xpeditor’s industry leading claim editing rules. Clean claims are processed by the Quadax clearinghouse for payer submission with all communications fed into Resolute for a complete audit trail that includes payer acknowledgments, acceptance, or rejections through final adjudication.

When taking the “pulse” of your Epic integration, be aware of the following vitals and make the choice that best enables the financial health of your organization.

The average Epic facility using HIM by Quadax improved their Clean Claim Rate by 23%.*
Xpeditor’s claim editing rules result in an industry-leading first pass rate of 99.6% through millions of claim edits covering LCD/NCD policies, MUE, CCI, OCE, RAC audit guidelines, and thousands of individual payer rules.
HIM clients achieve an average Clean Claim Rate of 95%.*
HIM clients enjoy superior control with XpressBiller, which allows for automated error correction, custom error repair, error suppression, and other powerful claim automation features.
Having difficulty resolving an error in Epic Resolute? HIM clients gain the Xpeditor advantage for the ultimate fallback in claim editing capabilities to ensure claims go out clean on the first pass.

Learn more about how Quadax can help you make the most of your Epic investment, download Xpeditor’s HIM information sheet. Creating connections, providing intelligence, and equipping providers, revenue cycle optimization solutions by Quadax.

(*) Source: A recent Quadax study, Decision Support: Errors and Analysis, performed 1Q 2016 sampling 180+ facilities.

Epic and Epic Resolute are trademarks or registered trademarks of Epic Systems Corporation in the United States and/or in other countries.

Leading Industry Innovation in the Healthcare Heartland

Posted on July 6, 2017June 29, 2020

Celebrating diversity and skill, Cleveland is a town of winners – with or without a championship trophy. Like our sports teams and the fans who support them, the region reveals a loyal, tightly knit community working in coordination to deliver specialized experience and ability.

A vibrant healthcare ecosystem located in the heart of the Midwest Corridor, Cleveland is home to world-class healthcare institutions, health-tech and high-tech companies, and academic centers. Sourcing a specialized workforce, Cleveland has been a leader in medical advancement for decades. Behind the innovation are several planning groups, organizations, and alliances that encourage, promote, and support innovative endeavors and partners in the industry.

One such group, the Cleveland Health-Tech Corridor (HTC) recognizes the region as a “strategic location for innovation”. Another group, the Global Center for Health Innovation facilitates shared forums for “learning, collaboration, and discovery to power healthcare transformation.” Both groups contribute to growing Cleveland’s dominance in the healthcare sector.

Headquartered in healthcare’s heartland, Quadax is Cleveland born and bred. Quadax maintains five Northeast Ohio locations, engaging the region’s rich resources to serve clients coast-to-coast. With a focus on optimizing revenue cycle and electronic transaction workflow, Quadax operates nationally, serving a diverse set of clients, from large multistate healthcare campuses to cutting edge genomic and molecular diagnostic labs.

Proud of our Midwestern Healthcare Corridor roots, we put our customers first with three principles in mind: create value, champion health, and never settle. As a trusted partner, an industry expert, and dedicated service provider, Quadax works together with our clients in seamless unity. Taking care of our clients, we help them serve and take care of our communities!

Implications of Narrow Healthcare Networks on Laboratory Providers

Posted on June 26, 2017June 29, 2020

In less than three short years (2014-2017), narrow and ultra-narrow networks have increased from 48% to 53% of all networks. With their majority influence, these networks are reshaping the healthcare industry. To survive, labs of all kinds will need to understand the implications of narrow healthcare networks on their ability to access patients and collect reimbursement.

To begin, it is important for laboratory managers and pathologists to understand the reasons behind insurers’ creation of narrow networks and their perceived value by consumers and employers.

How do plans with limited networks provide cost savings for health insurers and health consumers?

The goal is to deliver increased patient volume (and revenue) to the provider in return for lower costs to the insurer (and ultimately the patient) achieved through reduced rates. Insurers limit the number of doctors, hospitals, and other providers a patient can visit in order to negotiate a lower cost for services with networked providers in return for a higher volume of patients. Insurers also promote to consumers that narrow networks allow insurers to influence the delivery of coordinated healthcare by offering targeted in-network solutions to help physicians and providers give patients more personalized care.

Looking for value, consumers prefer health plans with lower premiums over higher-priced health plans that offer access to more providers—22% and 19% respectively. Similarly, employers prefer the benefit of lower health plan premiums with 56% of employers considering narrow networks as a way to reduce medical costs. The level of savings could be a very good deal for consumers and employers, but whether these health plans can deliver value depends on whether or not the insurer’s selected network can provide adequate care.

With limited accessibility and availability, can narrow networks provide adequate care?

While narrow network plans might save money for insurers, consumers, and employers, they could make it harder for patients to get the care they need, where and when they need it. The plans may not include enough nearby providers and the providers they do include may be too busy to take new patients in a timely fashion. This could be problematic if a patient is unable to obtain the timely healthcare they need within their network. It can be further compounded if the plan provides limited or no out-of-network benefits.

Network Adequacy Standards

Federal and state regulations qualitatively state that networks should provide for reasonable access, without unreasonable travel or delay. Regulation of health plan provider networks often includes quantitative standards that may review the number of providers, provider-to-enrollee ratios, the mix of provider types, and the distribution/location of providers from whom enrollees may reasonably be expected to obtain services. Encouraging network transparency, regulation may also require that provider directories are updated at least once each month. The key to any successful regulation is compliance and enforcement. Without means to measure and enforce Network Adequacy Standards proactively, federal and state regulators are limited to respond after-the-fact to patient complaints regarding network compliance.

Implications laboratory providers may want to consider

Whether your laboratory pursues an in-network or out-of-network strategy, it is important to consider the effect narrow provider networks will have on your lab’s ability to access patients and collect reimbursement.

If your lab is seeking to be an in-network provider in a limited network plan, it may be helpful to learn about the network’s size, mix, and distribution/location as well as any governing Network Adequacy Standards that may be in effect. This information can help you communicate how your lab will fit within and add value to the network’s model. Also, be prepared to discuss price. It may be helpful to approach the topic of price from a value-based perspective. Payers will be interested to learn how your lab testing services can contribute to improve patient outcomes and reduce the cost per episode of care. You may want to demonstrate your lab’s value by sharing relevant statistics. For additional network negotiation strategies, reference Developing Clinical Laboratory Strategies to Gain Network Access.
If your lab remains an out-of-network provider, your lab will need to balance offering a low price through the narrow health network with preparing for patients to be responsible for paying the entire cost of the test. Be aware that out-of-network providers face new constraints on their ability to balance bill members of government-funded and commercial plans, while commercial payers are continuing to sue out-of-network providers to stop improper referrals and cost-sharing waivers.

Regardless of your network strategy, it is important to know the implications of narrow healthcare networks on your lab’s business model and to have available your lab’s performance statistics so you can negotiate value and drive efficiency and cost containment measures. Learn how Quadax can help; visit Reveal Opportunities. Analyze Impact. Deliver Results.

Don’t Misplace Your Trust, Choose a SOC 2 Certified Service Provider

Posted on June 12, 2017June 29, 2020

A breach, crash, or targeted attack can be devastating to an organization, so it’s no surprise that IT-based service providers have a vested interest in having qualified third-party auditors certify the security and availability of their organizational systems. Both service providers and their clients have a lot riding on the security of their data as well as the dependability of their organizational controls.

By choosing to work with a SOC (Service Organization Controls) 2^® compliant vendor, you can be sure that your vendor’s organizational controls, particularly regarding security, are in place and functioning up to industry standards. This is of focused importance in several industries, including healthcare IT, where patient data is subject to stringent HIPAA compliance regulations for privacy and security.

Scope of SOC 2

To obtain SOC 2 compliance, an independent auditor performs an examination of a service provider’s internal controls for a specified period. The auditor examines the suitability of the design and operating effectiveness of the internal controls to meet the criteria set forth in the Trust Service Principles (TSPs) as defined by the American Institute of CPAs: Security, Availability, Processing Integrity, Confidentiality, and Privacy. Depending on the nature of the business, the organization will designate any number of those five SOC 2 (TSPs) on which to be audited. For the revenue cycle industry, for example, security and availability are particularly relevant areas to examine.

The Criteria Categories provide the framework of the examination of each TSP; they include organization and management, communications, risk management and design and implementation of controls, monitoring of controls, system operations, change management and availability.

During each annual SOC 2 audit, which can consume thousands of hours depending on the size of an organization and the scope of the audit, the independent auditor will go on site and perform a comprehensive examination of the vendor’s organizational controls. After careful scrutiny and analysis, a detailed report of the audit is provided to the vendor, and is also available to its clients.

What’s the value of partnering with a SOC 2 compliant vendor?

Today, thanks to a heightened degree of competition, complexity of environment, and increasingly diverse economy, outsourcing some business functions to an external service provider has become vital to the success of many organizations. By placing your trust in an external service provider to perform an essential function of your business, you inevitably expose yourself to risk factors beyond your control. You can gain control and confidence, however, by requesting that your vendors are SOC 2 audited and can present the report to prove it. After a qualified party meticulously audits and tests your service provider, you can be assured they have all of the important security controls in place and your data is safe.

As an added benefit, it is often the case that a vendor’s SOC 2 compliant status implies that they also insist that their own vendors and partners are SOC 2 audited. This consistently high standard of integrity leads to a more cohesive and transparent security strategy in a given network of partners.

Passing a SOC 2 audit results in more than just a stamp of approval. Your vendor’s SOC 2 audit will give you a framework with which you can carefully study the organization’s security controls. This helps organizations’ management teams make strategic decisions about the security and organizational standards of their future service partners.