Graphite Achieves SOC 2 Type 1 Certification

SOC 2 Type 1 compliance is an important milestone for substantiating Graphite's commitments to trust, privacy, and security


Graphite, a provider-led software company creating the first comprehensive and universally computable representation of health data, has successfully completed the Service Organization Control (SOC) 2 Type 1 audit. The audit was conducted by Sensiba LLP and confirmed that Graphite's service commitments and system requirements were achieved based on the security, availability, and confidentiality criteria set forth by the American Institute of Certified Public Accountants (AICPA).

“Health data is incredibly personal and sensitive, and SOC 2 Type 1 compliance is an important milestone for substantiating our commitments to trust, privacy, and security," said Ryan Smith, Chief Operating Officer at Graphite. “We composed the Digital Hippocratic Oath to restate ‘do no harm’ for today’s world of data and applications, so we hold ourselves to rigorous standards. This is a demonstration of that commitment to our customers and partners.”

Graphite's platform processes large quantities of health data, translating clinical and operational data into a computable representation of health data. The SOC 2 Type 1 audit assessed the design of Graphite's controls at a specific point in time.

“We look forward to sharing additional progress as we continue to demonstrate our trust, privacy, and security protocols,” added Ryan Smith.