The ACA Times


  Show menu
  • Home
  • Articles
  • Get to Know the ACA
  • ACA – Frequently Asked Questions
  • Resources
  • Meet the Editors
  • Trusaic
  • Contact Us
  • Legal
  
  • Home
  • ACA Compliance
  • When Choosing an ACA Vendor, Make Sure They’re SOC II Compliant

Articles

When Choosing an ACA Vendor, Make Sure They’re SOC II Compliant

February 7, 2020 Robert Sheen ACA Compliance, Affordable Care Act
When Choosing an ACA Vendor, Make Sure They’re SOC II Compliant

2 minute read:

Who do you trust with your data?

The large-scale data breaches of the 2010s saw companies ask the question of whether their network security was sufficient to protect their sensitive data. As we enter the 2020s with ever expanding data privacy regulations, many companies are asking the question of from whom, how and why they are collecting sensitive data.

These are important questions to ask, and every company should have a good system in place as data security issues and data collection laws are likely to increase in the new decade.

An equally important question that many companies appear to overlook is, who am I sharing my data with?

Many companies that are not in the business of selling the data they collect, still share that data with a variety of third parties as part of their regular business processes, whether to meet regulatory compliance or general business obligations.

This is particularly true of Applicable Large Employers (ALEs) (organizations with 50 or more full-time employees and full-time equivalent employees) that are required to offer Minimum Essential Coverage (MEC) to at least 95% of their full-time workforce (and their dependents) whereby such coverage meets Minimum Value (MV) and is Affordable for the employee or be subject to Internal Revenue Code (IRC) Section 4980H penalties.

The complexity and details of the ACA often necessitate that ALEs outsource the compliance work to an ACA service provider; which means providing large amounts of very sensitive employee data to a third party.

This raises a very important follow up question, how do you know that your ACA service provider is taking data security as seriously as you are?

That is where System and Organization Controls (“SOC”) compliance comes into play. Developed by the American Institute of Certified Public Accountants (“AICPA”), SOC type reports are a roadmap of a company’s internal controls. Essentially, it is a rigorous audit of a service providers systems and security protocols to determine the controls they have in place to protect your data, and how well those controls are implemented and managed. Specifically, a SOC II report details the controls relevant to Security, Availability, Processing Integrity, Confidentiality, and/or Privacy in the audited companies network system.

While managing your regulatory compliance needs can be stressful, especially when it comes to ACA compliance, knowing that your ACA service provider is SOC II compliant can go a long way to alleviating any concerns you have regarding their ability to protect your sensitive employee data.

You can trust that Trusaic always has and always will take data security and privacy seriously. We have willingly undergone the SOC II report process in the past and will continue to do so into the future. Contact us to learn about our ACA CompleteSM can help your organization while keeping your data secure.

To learn more about ACA compliance in 2021, click here.


We’re committed to helping companies reduce risk, avoid penalties, and achieve 100% ACA compliance. For questions about the ACA contact us here.

Summary
When Choosing an ACA Vendor, Make Sure They’re SOC II Compliant
Article Name
When Choosing an ACA Vendor, Make Sure They’re SOC II Compliant
Description
Employers should be sure they choose an ACA vendor that is SOC II compliant if they are outsourcing for ACA compliance and reporting.
Author
Robert Sheen
Publisher Name
The ACA Times
Publisher Logo
The ACA Times
Short URL of this page: https://acatimes.com/jek
Robert Sheen

Robert Sheen

Robert Sheen, Esq., is editor-in-chief of The ACA Times. He also is founder, president and CEO of Trusaic.

Robert Sheen is Founder and President of Trusaic, Inc. Robert is a graduate of the University of Southern California, in Business Administration with an emphasis in International Finance. He earned his Juris Doctor from Loyola Law School, Los Angeles, concentrating in Tax Law.

View more by Robert Sheen

Related tags to article

ACA CompleteACA ComplianceACA ReportingAffordable Care ActAmerican Institute of Certified Public Accountants (AICPA)Applicable Large EmployersCalifornia Consumer Privacy Act (CCPA)Internal Revenue Code (IRC) Section 4980H PenaltiesMinimum Essential Coverage (MEC)Minimum Value (MV)Regulatory ComplianceSOC IISystem and Organization Controls (SOC)Trusaic
Related Articles How to Leverage Your Workforce Data to Meet DEI Goals How to Leverage Your Workforce Data to Meet DEI Goals
Related Articles An Employer’s Guide to Navigating the DEI&A Landscape An Employer’s Guide to Navigating the DEI&A Landscape
Related Articles Governments, Investors, & Litigators Are Focusing More on ESG Governments, Investors, & Litigators Are Focusing More on ESG
Related Articles Administration Predicts Lower ACA Enrollment by Robert Sheen  •  
Related Articles IRS Eases Rules on Hardship Exemptions by Robert Sheen  •  
Related Articles HHS Awards $36 Million To Health Centers by Robert Sheen  •  
Subscribe

Popular Posts

  • California Individual Mandate Penalties Will be Issued in 2021
  • Biden’s Affordable Care Act Advancements are Underway
  • What Employers Need to Know About the 2020 ACA 1095-C Codes
  • Employers May Face Additional Challenges with 2020 ACA Reporting
  • Five Resources Essential for ACA Compliance in 2021
  • Most Frequently Asked ACA Questions for Employers and Individuals
  • Taxpayers (Including Employers) Have the Right to the Challenge IRS
  • The IRS is Issuing ACA Penalty Letter 226J for 2018

Trending Topics

  • Regulations
    (91)
  • Legislation
    (47)
  • Editorials
    (19)
  • ACA Compliance
    (126)
  • Tax Filings
    (19)
  • Applicable Large Employer (ALE)
    (13)
  • Penalties
    (18)
  • IRS
    (82)
  • Health Insurance Marketplace
    (28)
  • Polls/Surveys
    (18)
  • Health Care Reform
    (22)
  • Reporting
    (22)
  • IRS 226J/226-J
    (28)

Categories


Brought to you by Trusaic

 

 

 

Twitter Facebook

Downloads

The ACA 101 Toolkit

The Essential Guide to the ACA

Letter 226J Infographic

5 Common ACA Compliance Mistakes

Triangle of Trust

Articles

IRS Affordability Safe Harbors Help Avoid ACA Penalties

Calculating FT and FTE Employees

The ACA Monthly Measurement Method: A Few Examples

The IRS’s 1095 Forms for ACA Explained

Incorrect ITINs Will Cause Havoc With ACA Compliance

Knowledge Center

Get to know the ACA

Get to know Letter 226J

Webinar: The Recipe for Successful ACA Compliance

Trusaic News

Our Story

© 2021 Copyright Trusaic - All Rights reserved.

Close Window

Loading, Please Wait!

This may take a second or two. Loading, Please Wait!