All ArticlesCompany news
Company news

Carrot completes SOC 2 Type II and HIPAA audits

Carrot completes SOC 2 Type II and HIPAA audits

Carrot completes SOC 2 Type II and HIPAA audits
Aug 12, 2020
Share on LinkedIn

At Carrot, safety and security are critically important in everything we do. Our customers and members entrust us with their private information, and it’s our job to take every precaution we can to keep it safe and secure. That's why we're delighted to share that Carrot has completed our first SOC 2 Type II and HIPAA audits. As a fertility benefits provider, we consider these audits an essential step for us in demonstrating our security and operational integrity.

Carrot has fulfilled all requirements of SOC 2 and HIPAA, and the combined audit resulted in a clean opinion from the auditor. The audit was completed in June 2020 by Linford & Company LLP, an independent third-party auditor that specializes in SOC 2 and HIPAA. This report has been made available to current and prospective customers as of July 2020.

SOC 2 Type II compliance

SOC 2 is an industry standard compliance framework defined by the American Institute of Certified Public Accountants (AICPA), which outlines industry standard trust service principles that secure organizations must comply with to gain certification.

There are two types of SOC 2 reports: Type I and Type II. The Type I report validates that a company has required security policies and procedures in place at a point in time. While obtaining a Type I report is valuable as a baseline, Carrot has opted to undergo a Type II audit, which shows we have been practicing these secure policies and procedures for an extended period of six months. To ensure that we continue to uphold this standard, Carrot will undergo annual SOC 2 Type II audits going forward.

Please contact our team to learn more or to request a copy of our SOC 2 Type II report.

HIPAA compliance

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. regulatory framework that outlines rules and safeguards for businesses that transmit or store Protected Health Data (PHI) of their users. The HIPAA audit we completed verifies that Carrot is following all HIPAA rules and safeguards. In addition, Carrot is able to sign a HIPAA Business Associate Agreement (BAA) for our customers upon request.

Please contact our team to request a copy of our HIPAA report and BAA.

Moving forward

This combined SOC 2 Type II and HIPAA audit is an important milestone for us at Carrot. We’re looking forward to continuing to achieve additional levels of security and regulatory compliance as we examine new ways to strengthen our security at Carrot in 2020 and beyond.

Want to learn more about security at Carrot? Schedule some time to talk with our team.

Any general advice posted on our blog, website, app or social media platform is for informational purposes only and is not intended to replace or substitute for any medical advice, diagnosis, or treatment. Carrot Fertility makes no representations or warranties and expressly disclaims any and all liability concerning any treatment, action by, or effect on any person following the general information offered or provided within or through the blog, website, app or social media platform. As Carrot is distinct from any third party providers with whom we partner to provide applications, products, and services to members, we are not responsible for the quality, integrity, safety, accuracy, availability, reliability, or legality of such third party applications, products, and services. Further, Carrot is not responsible or liable, directly or indirectly, for any damage, harm, injury, or loss of any kind caused or alleged to be caused by or in connection with the use of or reliance upon any content, material, or services available through any third party providers.
Read more
Company news
Carrot honored for Best Diversity, Equity, and Inclusion Product in the Inaugural Anthem Awards
The Carrot Card has been named one of the Best Diversity, Equity, and Inclusion Products in the Inaugural Anthem Awards. 
Company news
Leading menopause expert Risa Kagan, MD, joins Carrot
Risa Kagan, MD, FACOG, CCD, NCMP, a leading expert in menopausal care and research, has joined Carrot’s medical advisory board.
Company news
Leading male fertility expert James Hotaling, MD, MS, FECSM, joins Carrot
Dr. Hotaling is a fellowship-trained urologist specializing in male infertility and men’s health.
See how Carrot can transform your company
Find out how our customizable fertility solutions can help your plan, your groups, and your members.
Get Started