SubroSmart & Affiliates Achieve SOC 2 Information Security Compliance Certification

SubroSmart, together with its parent Amborella LLC and affiliates Amborella Law PLLC and LimeIQ LLC, are pleased to announce the successful completion of its System and Organization Controls 2 Type I (SOC 2) audit, achieving compliance certification with the leading industry standards for customer data security. This report reflects SubroSmart’s ongoing commitment to providing a secure data environment for its customers.

Designed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type I auditing procedure provides a third party evaluation of a company’s commitment to data privacy and information security standards through five key criteria: security, availability, processing integrity, confidentiality and privacy. Obtaining SOC 2 Type I certification demonstrates rigorous safeguards protecting clients’ sensitive information and reassures stakeholders that client data is in capable hands.

The audit was completed by Johanson Group LLP, a leading third party certification body evaluating an organization’s commitment in obtaining global compliance standards.

“After an extensive preparation and auditing process, we are proud that SubroSmart & our affiliates are SOC 2 certified companies,” said Gregory M. Zarin, Founder & CEO. “This certification validates our commitment to the highest compliance standards in customer security and privacy, which is especially crucial to our many customers in heavily regulated industries like healthcare.”

SubroSmart and its affiliates were assisted by Benjamin Card, its independent Fractional Information Security Officer (FISO) at Webcheck Security. Mr. Card started his career as a Military Intelligence Special Agent in the United States Army, serving in Baghdad, Iraq and USAG, Brussels, Belgium. Following his distinguished military career, he became a consultant for PricewaterhouseCoopers (PwC) in Washington, DC, specializing in a wide range of information security consultancies including compliance audits to penetration testing. Mr. Card then become the CISO for a large national corporation for nearly a decade.

Independent third party information security auditor Johanson Group completed SubroSmart’s comprehensive audit based on SOC 2 standards and attested to its information security controls meeting the leading industry standards for the insurance and finance industries. Johanson Group specializes in SOC 2 audits and provides audit and professional services to public and private companies, large and small, in a variety of industries.

SOC 2 has a rigorous requirement on how companies handle customer data and information, so compliance guarantees there are established and implemented organizational practices in place to safeguard customer data. SubroSmart is committed to providing identity management and mission-critical data to industries such as health care, financial services and education. Data integrity and security is a fundamental part of how SubroSmart and its affiliates manage user identity. SOC2 compliance represents a commitment that secure systems and controls are maintained by the organization on an ongoing basis.