Your browser version is outdated. We recommend that you update your browser to the latest version.

Clinia - Controls and Compliance Specialist - Contract - June 2023 to Jan 2024

Anthony assisted the company with their transition to the SOC2 Type 2 including the Security, Confidentiality, Availability and Privacy principles.  The company previously had a SOC2 Type 1 for Security and Confidentiality. 

The support involved numerous tasks including:

- evaluation of the existing SOC2 Type 1 controls and supporting documentation for suitability for Type 2 audit

- development of new and updated controls and enhancements in the documentation to meet a Type 2 audit, including a full set of Privacy related controls to ensure compliance with the Privacy principle

- detailed assessment of required controls for complying with GDPR and Quebec Law 25 Privacy regulations, and preparation of mapping from the regulations to the SOC2 privacy controls

- update of the company's OneTrust GRC (Tugboat Logic) system for all the new controls and testing requirements

- preparation of comprehensive supporting policies and procedures for support of the Privacy controls and regulations