ProntoForms Receives SOC 2 Type II Attestation and HIPAA Compliance Report

by Sarah Harvey / January 30th, 2020

Independent Audit Verifies ProntoForms’ Internal Controls and Processes

Ontario, Canada ‚Äď ProntoForms, a low-code app development platform for field service today announced that it has completed its annual SOC 2 Type II and HIPAA audits. This attestation is evidence of ProntoForms‚Äô continued commitment to delivering a high quality solution with the necessary internal controls and processes for highly regulated industries.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of ProntoForms’ controls to meet the standards for these criteria.

HIPAA sets a national standard for the protection of consumers’ PHI and ePHI by mandating risk management best practices and physical, administrative, and technical safeguards. HIPAA was established to provide greater transparency for individuals whose information may be at risk, and the OCR enforces compliance with the HIPAA Privacy, Security, and Breach Notification Rules. ProntoForms’ compliance with the HIPAA Security Rule demonstrates its commitment to security for ePHI by ensuring the confidentiality, integrity, and availability of ePHI, protecting against threats, protecting against unpermitted disclosures, and ensuring workforce compliance.

Glenn Chenier, Chief Product Officer, says, ‚ÄúWith KirkpatrickPrice, it didn‚Äôt feel like we were doing two audits, we just had a larger question set. Working in the portal and with an auditor helped us feel like we had a realistic feel for the project size.‚ÄĚ

‚ÄúProntoForms delivers trust-based services to their clients, and by communicating the results of these audits, their clients can be assured of their reliance on ProntoForms‚Äô controls,‚ÄĚ said Joseph Kirkpatrick, President of KirkpatrickPrice.

ProntoForms also decided to extended the scope of its compliance program to include FDA Title 21 CFR Part 11. This regulation, issued by the FDA, sets out security criteria for ERES captured on electronic documents. ProntoForms commented, “Obtaining Part 11 compliance augments our already very strong HIPAA and SOC 2 Type II compliance story. It demonstrates that we‚Äôre committed to growing our compliance footprint and that we take the security of sensitive data collected in the field very seriously. When working with compliance-sensitive companies, like biotech, pharma, healthcare, and medical device organizations, this is imperative.”

About ProntoForms

ProntoForms is the global leader in field-focused low-code application platforms for enterprise. The company’s solution is used to create apps and forms to collect and analyze field data with smartphones and tablets ‚Äď either as a standalone solution or as a mobile front-end to enterprise systems of record.

ProntoForms’ 100,000+ subscribers harness the intuitive, secure, and scalable solution to increase productivity, improve quality of service, and mitigate risks. It is based in Ottawa, Canada, and trades on the TSXV under the symbol PFM. ProntoForms is the registered trademark of ProntoForms Inc., a wholly owned subsidiary of ProntoForms Corporation.

Read more about ProntoForms’ compliance journey here.