Growing Healthcare Tech Firm Seeks SOC 2 Certification

---

1. Overview MedEdge Solutions is a healthcare technology company specializing in data-driven software for specialty and infusion pharmacy workflows. We are seeking an experienced information security consultant or firm to guide us through the process of achieving SOC 2 Type II certification for our Microsoft-backed, web-based software platform. Our goal is to ensure our data security, availability, and confidentiality controls align with SOC 2 trust service criteria—specifically for the healthcare industry handling PHI and operating under HIPAA regulations. --- 2. Project Scope The selected consultant will:  Conduct a SOC 2 readiness assessment, identifying gaps in existing policies, procedures, and technical controls.  Help us develop or improve documentation, policies, and internal controls aligned with the five SOC 2 trust principles (focus on Security, Availability, and Confidentiality).  Assist in implementing technical controls, monitoring systems, and logging infrastructure appropriate for Microsoft Azure-based deployments and Microsoft Teams/365 environments.  Provide guidance on vendor management, user access reviews, risk assessments, and evidence collection.  Support the selection of a certified CPA/auditor and prepare us for the SOC 2 Type II audit period.  Conduct staff training and coordinate test control procedures.  Deliver a complete audit-ready package, including risk register, control matrix, and evidence repository. 3. Required Qualifications  Proven experience helping technology companies (preferably healthcare or HIPAA-covered entities) achieve SOC 2 Type II certification.  Strong knowledge of HIPAA and SOC 2 overlap (especially in relation to PHI).  Familiarity with Microsoft Azure, Microsoft 365, and Teams-based security frameworks.  Demonstrated ability to work with small-to-mid sized companies with lean technical teams.  Excellent communication and project management skills. 4. Deliverables  SOC 2 Type II Readiness Report (gap analysis)  Updated Security Policies and Procedures  Audit Evidence Management Plan  Weekly Status Reports  Final Audit Preparation Checklist and Support Documentation  SOC 2 Certification reached

Keyword: Project Coordinator

Project Management SOC 2 HIPAA Information Security