Medac Inc. Achieves SOC 2 Type 1 Data Security Compliance; Demonstrates Ongoing Dedication to Secure Client Data

prod360 March 2, 2016

NORTH AUGUSTA, S.C., March 02, 2016 (GLOBE NEWSWIRE) — Medac Inc., a leading medical business management services provider, has successfully completed the Service Organization Control 2 (SOC 2) Type 1 examination under AT Section 101. Completion of the SOC 2 Type 1 examination is widely recognized because it represents that a service organization has been through an evaluation of its control activities as they relate to the applicable Trust Services Principles and Criteria.

The SOC 2 Type 1, developed by the American Institute of Certified Public Accountants (AICPA), is the most widely recognized authoritative guidance that provides service organizations a uniform method for disclosing independently assessed information about the design and operation of internal controls related to their services.

Companies who complete an annual SOC 2 examination are able to demonstrate a substantially higher level of assurance and operational visibility than those companies that do not.

“The SOC 2 Type 1 process is vital to Medac’s security and controls posture,” said Bellinger Moody, Medac’s Chief Executive Officer. “It provides an outside validation for our clients, vendors, and boards of directors that we are committed to excellence as we continue to grow.”

The SOC 2 Type 1 examination demonstrates a company’s continued commitment to create and maintain the most stringent controls needed to ensure the highest quality and security of services provided to their customers. The five control principles are:

  • Security: The system is protected against unauthorized access, use, or modification.
  • Availability: The system is available for operation and use as committed or agreed.
  • Processing Integrity: System processing is complete, accurate, timely, and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: The privacy principle addresses the system’s collection, use, retention, disclosure, and disposal of information.

The demanding third-party examination that led to compliance with the data security standards was administered by the professional audit staff at 360 Advanced, a national Qualified Security Assessor and Certified Public Accountant firm based in Tampa, FL.

The Service Auditors’ Report includes a detailed description of Medac Inc.’s controls and an independent assessment of whether the controls are placed in operation and suitably designed. For any further questions, please contact Sam Bruce, PMP, CISM, CSM, CSSGB at Medac.


Medac is an anesthesia practice management and medical billing company with over 500 employees with its main operations center in North Augusta, SC. Medac uses proprietary technology to process government, patient and insurance claims for anesthesia groups to improve financial performance and reduce compliance risk. For more information, please visit


Known for its responsiveness, experience and professionalism, 360 Advanced has clients in more than 35 states that are major service providers in various industries, including cloud and SaaS based organizations. 360 Advanced is one of only a few specialized firms in the U.S. that assist service providers as their independent assessor in maintaining and communicating security and compliance to their clients.

360 Advanced’s services are provided, but not limited to, the following industries: Title Services, Hosted and Managed IT, Data Center and Colocation, Software as a Service (SaaS), Healthcare, Financial Services, Insurance, HR | Payroll | PEO, Legal and Collections, Bulk Mail Printing and Distribution, Background Screening, Business Process Outsourcing and Marketing.

Services provided by 360 Advanced include SOC 1 (SSAE 16), SOC 2, SOC 3, PCI DSS, HIPAA Security/HITECH, Microsoft Vendor Policy and other security and compliance services.