As a trusted provider of ECE data and technology infrastructure for government organizations, BridgeCare takes the privacy and security of our clients’ data very seriously. As such, we consistently meet or exceed all relevant federal, state, and local laws, regulations, and contractual obligations.

Now, as we continue to grow and support the evolution and modernization of early care and education ecosystems everywhere, we have taken this commitment one step further by pursuing external validation of those efforts in the form of a rigorous SOC 2 audit. This is an integral step in proving to our clients, stakeholders, and other interested parties that BridgeCare values and deserves their trust, and that we have effectively implemented sustainable security controls at every level of the organization.

What is SOC 2?

SOC 2, or Service Organization Controls 2, is a framework governed by the American Institute of Certified Public Accountants (AICPA). As part of the compliance process, an independent service auditor reviews an organization’s policies, procedures, and evidence to determine if security controls are designed and operating effectively. A SOC 2 report communicates the results of the audit and the organization’s ability to effectively protect customer information.

With increasing cybersecurity threats and the rising risk of data breaches, companies like BridgeCare have an obligation to prioritize information security and the protection of their systems and data—operationally, technically, and administratively. SOC 2 compliance represents a major milestone representing a strong and effective overall security posture spanning the retrieval, storage, processing, and transfer of data.

BridgeCare's Journey to Compliance

We partnered with Vanta, the leader in the Trust Management space, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our client’s data.

Our audit firm, Advantage Partners, was extremely helpful in creating a seamless audit experience. With their guidance and support, we were able to achieve SOC 2 compliance in a swift, efficient manner as 2024 came to a close.

SOC 2 is a big undertaking, but thanks to our compliance partners and the hard work of our internal engineering and security team, we were able to centralize and validate the controls we’ve always had in place, while adding additional checks and balances to ensure the ongoing strength and adaptability of those controls.

Now, organizations that partner with BridgeCare will have the peace of mind that accompanies this major compliance benchmark. We look forward to continuing to validate the trust our clients place in us as we support their pursuit of more modern, efficient, and user-friendly early care and education systems.