Independently Audited And Certified...

soc 2 certified

SOC-2

Type II and Type II

Following SOC-2 Type I certification, Research Transcriptions was again audited by an independent third party to assess the operating effectiveness of our internal controls. 

Beyond our SOC-2 Type II certification, Research Transcriptions only partners with other vendors who are also SOC-2 Type II certified.

Scroll to the next section for a visual diagram that explains SOC-2 certification in greater detail - and how it helps protect your data better.

hippa-compliant

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) establishes strict standards for safeguarding protected health information (PHI).

Research Transcriptions ensures full HIPAA compliance through independently audited annual reviews, staff training, and certifications. Our team undergoes quarterly training to stay current on regulations and best practices, ensuring secure workflows and unwavering security and confidentiality of protected health information. 

logo-citi-program-2

CITI / NIH - Protecting Human Subject Research Participants

All Research Transcriptions transcribers who work on human subject research complete the Human Subjects Research Protection Training offered by CITI and/or the U.S. Department of Health and Human Services Office for Human Research Protections (OHRP). Training areas include:

  • Data Management and Security for Student Researchers
  • NIH Data Management and Sharing Policy for SBER: Implications for Researchers and IRBs
FERPA logo

FERPA

The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of student education records, ensuring that access to and sharing of these records comply with strict confidentiality standards.

Research Transcriptions is fully FERPA-compliant, with rigorous data security protocols and trained personnel to safeguard sensitive educational information. Our commitment to FERPA ensures that clients can trust us to securely handle protected student data.

educause-hecvat

EDUCAUSE:
HECVAT - FULL

The Higher Education Community Vendor Assessment Toolkit (HECVAT) is a standardized questionnaire designed to evaluate vendors' security and data protection practices for higher education institutions, especially for cloud services. Developed by the Higher Education Information Security Council (HEISC) and EDUCAUSE, it ensures compliance with stringent privacy standards.

Research Transcriptions has completed the Full HECVAT, demonstrating our commitment to robust data protection and alignment with higher education security requirements.

gdpr-eu

GDPR

The General Data Protection Regulation (GDPR) sets strict standards for handling personal data within the European Union.

Research Transcriptions ensures compliance through comprehensive GDPR training for all personnel. Our program covers key principles like lawful data processing, minimization, and breach management. This training equips our team to handle data securely, protect individual rights, and maintain global privacy standards.

PCI

Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) sets strict guidelines for securing payment card data.

Research Transcriptions ensures PCI compliance by partnering exclusively with PCI-compliant credit card processors. We never store or take possession of credit card information. Our secure systems, encryption protocols, and ongoing staff training uphold the highest standards for safeguarding client financial transactions and data.

confidential-transcription-service