Overview
InfoHandler supports school districts by providing ezEdMed as a Software as a Service (SaaS) solution to document those services and submit them to Medicaid for payment. They have helped school districts get reimbursed for millions of dollars each year.
Service Provided
- SOC 2
Challenge
When asked why SOC 2 became a priority for InfoHandler, CEO Steve Daugherty says, “One of our largest customers stated that as of July 2024, they would be working only with vendors who were SOC 2 Type 2 compliant. They also recommended that other school districts follow the same path.” If InfoHandler did not complete a successful SOC 2 audit, they risked losing current and future customers.
“My stress levels were off the charts when I first tried to ascertain what had to be done to gain SOC 2 compliance. Sensiba, Drata, and Eden Data came together quickly and effectively. It was exciting to see it all come together and witness the entire audit process flow smoothly.”
Steve DaughertyCEO, InfoHandler
Solution
Once onboarded with Drata, the team at InfoHandler was introduced to Sensiba, as experienced auditors within the Drata platform. “What drew my attention to Sensiba was their Drata compatible audit framework. This made it much easier to know exactly what had to be done to achieve the SOC 2 outcome,” Steve said.
Conducted in the Drata platform, using Sensiba’s streamlined SOC 2 audit framework, and leveraging Sensiba’s proprietary AI technology, all evidence was reviewed and a pass/fail result was provided to the client before it went to the audit team. This allowed the client and auditor to work through the identified focus areas and further develop client relationships.
After starting the initial audit process and recognising capacity restraints within the team, Daugherty was introduced to Eden Data as their Virtual Chief Information Security Officer (vCISO). “From this point forward, everything ran like clockwork,” Daugherty says.
InfoHandler was provided with key management contacts at Sensiba and Eden Data who worked alongside Daugherty to guide him through the bigger picture and what needed to be completed and when. “The Sensiba SOC 2 framework, Eden Data’s assistance and the compliance monitoring from Drata kept us on target,” Daugherty says.
The audit team from Sensiba reviewed the evidence and queries which was sent back through the Drata platform. From here, Eden Data worked through the comments and required updates, sending the new evidence back to Sensiba. This process worked seamlessly between all three companies who maintained consistent communication throughout the audit. Additionally, the team at Eden Data scheduled weekly meetings and created a schedule to track the InfoHandler team’s performance.
Result
InfoHandler had an extremely tight deadline for their SOC 2 audit, with a significant client contract renewal tied to the outcome. All three teams worked together to achieve the audit outcome by the deadline, allowing InfoHandler to execute their contract renewal in July 2024.
Alongside establishing security and protecting client data, InfoHandler’s SOC 2 report provided other benefits. Daugherty explained. “It is my job to ensure InfoHandler maintains our high levels of customer satisfaction and that our InfoHandler team are enjoying their jobs. This can only be done by knowing where the security risks are and doing everything possible to mitigate those risks. This is made easier with our SOC 2 audit,” he says.
Ready to get started?
Find out how our GRC team can help you with your compliance. Contact us to learn more about how we can work together toward your goals.
Case Studies
Ready for more inspiration? Dive into additional client success stories where we showcase diverse projects, innovative solutions, and the transformative impact we’ve had on businesses like yours.
