Because of the private nature of the information in ISO ClaimSearch®, ISO has taken precautions to restrict access and promote security. The operation of ISO ClaimSearch complies with federal and state privacy legislation as applicable.
ISO ClaimSearch reviews the effectiveness of its controls over security, availability, processing integrity, confidentiality, and privacy via SOC reports based on the principles in the American Institute of Certified Public Accountants (AICPA) TSP Section 100, Trust Services Principles for Security, Availability, Processing Integrity, Confidentiality, and Privacy. ISO ClaimSearch maintains a SOC 2 report mapped to the most current HITRUST controls within the reporting period. ISO ClaimSearch also maintains a SOC 3 report. The SOC 2 Type 2 report is available to current and prospective customers upon request. Please submit a request to ClaimSearchCompliance@iso.com. The SOC 3 report is available to the general public.