SOC 2 Type II: Miracle’s Commitment to Data Privacy and Security

Jin Kim
May 7, 2024
min read
Share this post

At Miracle, we understand that our role in innovating clinical trial management and clinical operations extends far beyond providing cutting-edge technology. It's about building a foundation of trust with our partners, grounded in the assurance that their data is protected by the most rigorous security standards in the industry. Miracle’s SOC 2 compliance and SOC 2 Type II certification is one of many ways that we are ensuring the utmost security and privacy, in addition to HIPAA, GDPR, etc., which we discuss in our other blog posts.

Understanding SOC 2 Type II

Developed by the American Institute of CPAs (AICPA), the Service Organization Control (SOC) 2 Type II certification is a gold standard for data security and privacy. Unlike its counterpart, SOC 2 Type I, which assesses the design of security processes at a single point in time, Type II goes further. It evaluates the operational effectiveness of these controls over a period. This thorough audit ensures that a company not only talks the talk but walks the walk when it comes to safeguarding customer data against unauthorized access and information leakage.

SOC 2 Type II focuses on five trust service principles:

  1. Security: The system is protected against unauthorized access (both physical and logical).
  2. Availability: The system is available for operation and use as committed or agreed.
  3. Processing Integrity: System processing is complete, valid, accurate, timely, and authorized.
  4. Confidentiality: Information designated as confidential is protected as committed or agreed.
  5. Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.

Why SOC 2 Type II Certification Matters

For Miracle, achieving SOC 2 Type II certification is s a reflection of our unwavering dedication to the security and integrity of the data that our customers trust us to handle. This certification:

  • Demonstrates our commitment to the utmost standards of security and privacy of the data.
  • Builds trust with our partners, providing them with peace of mind that their sensitive data is in safe hands.
  • Ensures compliance with industry best practices and regulatory standards, crucial for our partners operating in the highly regulated biotech and pharma industry.

Our Journey to SOC 2 Type II Compliance

Attaining SOC 2 Type II compliance was a rigorous process that involved the entire Miracle team. From implementing robust security measures to conducting comprehensive audits of our procedures over time, every step was taken with a goal in mind: to ensure that our platform not only meets but exceeds the stringent requirements set forth by the AICPA.

Miracle partners with Vanta for continuous SOC 2 compliance monitoring.

Miracle partnered with an independent cybersecurity firm called Insight Assurance to validate our security controls and security posture. We also performed a rigorous penetration test with an independent security consulting firm to ensure and validate the highest levels of data security.

Miracle was also recognized by AICPA for SOC compliance.

If you are a current Miracle customer and would like to obtain a copy of our SOC 2 Type II report, please contact your Account Manager or contact us here.

What This Means for Our Partners

With SOC 2 Type II certification, our partners can be assured that Miracle operates at the highest standards of data security and privacy. This certification is a testament to our capability to manage data with  utmost care and to our commitment to transparency and accountability in our operations.

As we continue to serve the biotech and pharma industry, we want our partners to focus on what they do best — innovating and advancing novel therapeutics — knowing that their operational and data security needs are in capable hands, as they trust Miracle to power their clinical trial management with our integrations and automations.

If you'd like to learn more about our security and compliance, you can learn more here. You can also reach out if you'd like to learn more about Miracle and see how actionable insights from your data can help you achieve trial timelines.

Share this post
Jin Kim

Similar articles

Ready to save time in clinical trials?

In just a few days, use actionable insights from our automated, real-time dashboard instead of waiting for your next weekly update.