VSA Officially Receives SOC 2 Approval

HADDONFIELD, N.J. - Oct. 7, 2024 - PRLog -- VSA has always prioritized data protection and privacy for its clients, and now a comprehensive outside audit has officially determined that the company is operating with the highest levels of security.

After a nearly year-long compliance process, VSA has received SOC 2 Type 1 approval, ensuring that the call center firm and its vendors are strictly adhering to the most secure policies and procedures possible. SOC 2 (Service Organization Control) is an auditing process designed to help third-party service providers safeguard data against breaches, system failures, unauthorized access, and other cyberthreats.

Continued commitment to these stringent security measures over the next year will earn VSA SOC 2 Type 2 certification, which requires a thorough examination of internal control policies and practices over a set period of time.

"SOC 2 lets our clients know we're secure, and all their data is secure, and they can feel confident trusting that all their information is handled with the highest level of security," says Dawn Stolte, VSA's Senior VP of Operations. "But this is just the beginning. We're going to continue to evaluate and proactively enhance our security practices as new challenges arise."

Throughout the SOC 2 approval process, VSA met regularly with an outside data security company (Van Rein Compliance) to review its internal systems and current security measures to identify and rectify areas that didn't meet SOC 2 standards. As an example, the password requirements on one of VSA's calling platforms were not as secure as they could be. VSA also needed to consult with its vendors to review their security measures, such as determining who had access to their on-site servers and the controls in place to monitor potential problems.

"Basically, we needed to do a comprehensive review of all the tools we're using, and make sure they were secure to the best of our abilities," says VSA Technology Supervisor Brenden Rochford, who along with Manager of Finance & Technology Keila Acevedo serve as VSA internal compliance officers. "We also had to work with our vendors to make sure any data they might have is secure and that they're following best practices as well."

Van Rein describes SOC 2 as "a robust standard for managing customer data based on five Trust Service Criteria: service, availability, processing integrity, confidentiality, and privacy … In a world where data breaches are becoming commonplace, obtaining SOC 2 compliance signals a company's commitment to the highest standard of data protection. It's more than a regulatory requirement—SOC 2 demonstrates that your business takes privacy and security seriously."

Even before beginning the SOC 2 approval process, VSA had shown a commitment to privacy regulations that set it apart from many of its call center peers. The company's compliance certifications include HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), PCI (Payment Card Industry), FERPA (Family Educational Rights and Privacy Act), as well as several regional privacy regulations.

But SOC 2, which is expected to become a standard across multiple industries, takes VSA's commitment to data protection to new heights.

"It helps build trust with our clients and potential new clients," Mr. Rochford says. "If a client comes in and has doubts about giving us customer data—'how do we know if you're storing it securely, how do we know who has access to it'—having SOC 2 gives them the assurances they need. It shows we're following all the proper procedures for keeping their data as safe as possible."

For more information about VSA, Inc. please visit https://www.vsaprospecting.com/