Tidepool Achieves SOC 2 Type II Compliance

PALO ALTO, Calif.–(BUSINESS WIRE)–#DiabetesData–Tidepool, a software company committed to innovations in diabetes management, is thrilled to announce the achievement of SOC 2 Type II compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18. Achieving this standard with an unqualified opinion serves as third-party industry validation that Tidepool provides enterprise-level security for customers’ data secured in the Tidepool Data Platform.


“We’ve embraced the tremendous responsibility of safeguarding the PHI of our users since Tidepool’s founding as a nonprofit organization nearly 11 years ago,” said Howard Look, CEO and Founder of Tidepool. “As we partner with major clinics and multi-state health systems to support their patients’ care, this effort attests to the robust nature of the capabilities of our data platform, our development practices, and security and compliance mechanisms.”

Tidepool+, the company’s data platform for Clinics and Health Systems, supports diabetes data management across multiple specialties with a single, centralized view, including a growing list of features including a population health dashboard, Single Sign-On (SSO) support, and most recently, EHR integration, to date.

“With this attestation, we are confirming our ongoing commitment to the compliance standards reflected in achieving and maintaining SOC 2 Type II compliance,” says Ben Derr, Lead Security Engineer at Tidepool. “Security and compliance have always been a team effort and a key component of Tidepool’s foundational culture. We’ve been able to hold true to these standards from the very beginning thanks to the dedication and attention to detail of the entire Tidepool organization.”

Tidepool was audited by Prescient Assurance, a leader in security and compliance attestation for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada. It provides risk management and assurance services, which include but are not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR. For more information about Prescient Assurance, contact info@prescientassurance.com.

An unqualified opinion on an SOC 2 Type II audit report demonstrates to Tidepool’s current and future customers that they manage their data with the highest standard of security and compliance. For information about Tidepool+, visit provider.tidepool.org.

About Tidepool

Tidepool is a recognized innovator in diabetes software on a mission to make diabetes data more accessible, actionable, and meaningful for people with diabetes, their care teams, and researchers. Founded in 2013, Tidepool hosts a suite of software tools for people with diabetes and the clinics that serve them, including Tidepool+, Tidepool Mobile, Tidepool Uploader, and soon Tidepool Loop. Tidepool is a registered 501(c)3 nonprofit organization. Learn more at tidepool.org. Connect with us on Linkedin, Facebook, X, and Instagram.

Contacts

Christopher Snider

Saira Khan-Gallo

media@tidepool.org