vRad achieves SOC 2 Type II data security compliance

The latest milestone in our commitment to safeguard patient information and other sensitive data is our achievement of SOC 2 Type II compliance.

EDEN PRAIRIE, Minn.—June 14, 2022—Virtual Radiologic (vRad), the leading US teleradiology practice, announced today their achievement of SOC 2 Type II compliance.

System and Organization Controls (SOC) reporting is one of the best and most widely used methods of demonstrating adherence to effective information technology controls. While SOC 1 focuses on controls relevant to financial reporting, SOC 2 is for service providers that store, process, or transmit any kind of protected information. SOC 2 compliance requires evidence that systems are secure and can cover up to four additional “trust services criteria”— availability, processing integrity, confidentiality, and privacy. vRad’s audit focused on security and availability.

In the face of increasingly sophisticated cyberattacks that threaten the data of all healthcare providers, vRad is continuously advancing our systems to predict, prevent, and respond to these threats. During the normal course of care delivery to our mutual patients, vRad shares a significant amount of protected data with our clients via integrated technology systems – prior reports, order information, studies, etc. We recognize the high level of trust they put in us to protect that information,” said Imad Nijim, vRad Chief Information Officer. 

SOC 2 Type II is a known and trusted framework used by security experts of major service providers across all sectors, including healthcare. Audits are conducted by an independent third party over an extended period time—up to 12 months—which avoids blind-spots that could be introduced in a single, snapshot audit. The extended audit approach of SOC 2 Type II allows vRad to demonstrate that key elements of our security program—process monitoring, encryption control, intrusion detection, user access, and disaster recovery—operate effectively over the long term. Maintaining a high level of security is integral to their operation and continued success in protecting data and building trust. 


About vRad

vRad is the nation’s leading teleradiology practice with 500 U.S. board-certified or eligible physicians, the majority of whom are subspecialty trained. Our practice delivers high-quality diagnostic imaging services to more than 2,100 facilities and radiology groups across the United States. vRad has 23 issued patents for telemedicine and radiology technologies; and is a leading innovator in the areas of artificial intelligence, machine learning, imaging data analytics, and software to improve the quality of patient care, value for our clients, and the experience of our physicians.