Orchid Successfully Completes SOC 1® and SOC 2® Type II Audits

Orchid Medical, one of the leading providers of ancillary medical management solutions in the workers’ compensation industry announced today that it recently completed its SOC 1® Type II and SOC 2® Type II audits. The reports completed at the conclusion of the audits noted no exceptions. 

“In successfully completing the audits through an independent auditor, we’ve proved our adherence to one of the most rigorous, industry-recognized auditing standards for service organizations,” said Oliver Ostlander, chief information officer for Orchid Medical. “The controls we implemented and maintained are an excellent indication of the effective safeguards we’ve developed to serve our clients.”

The American Institute of Certified Public Accountants (AICPA) created the System and Organization Controls (SOC) framework.

  • SOC 1® Type II evaluates controls that impact or may impact clients’ financial reporting.
  • SOC 2® Type II evaluates controls relevant to security, processing integrity, confidentiality and privacy of clients’ data.

The audit included design assessments and operating effectiveness tests of the company’s system’s infrastructure, physical network security, maintenance procedures, infrastructure change management, problem management, reporting control procedures and environmental safeguards.

“Undergoing the SOC audits reflects our unwavering commitment to provide the highest standards of service and security to our clients,” said Paul Taylor, President and CEO of Orchid Medical. “This is a significant accomplishment for Orchid and we are proud to have completed the audits with zero exceptions.”

In addition to SOC compliance, Orchid Medical complies with the Health Insurance Portability and Accountability Act (HIPAA) requirements for healthcare data privacy and protection.