Achieve infosec compliance without the headaches
Manage your risk and maintain compliance with ease
Evidence requests, questionnaires, penetration tests, all-in-one
Meet your auditor on day 1 and eliminate any surprises
Connect to the tools that matter most for your audit
See how our automated platform provides more than just readiness through clear roadmaps, transparent communication, and in-app audits
Get the recording icon-arrow
Stand out in a highly regulated industry
Minimize your risk while maximizing returns
Safeguard your data and close more deals
A bespoke solution for your unique business
Steve Heilenman | CIO, Benefix
Read More icon-arrow
Financial data security without the stress
Efficient SOC 2 compliance with no surprises
Enhance your security posture and build trust worldwide
Stay on top of data privacy regulations
Secure transactions,no matter your scale
Protect patient health data with confidence
Stand out in highly regulated industries
Many more standards including custom frameworks
Josh Horowitz | CTO, Stylo
Explore more success stories icon-arrow
Find out why the OrO Way is the best way to do compliance
See how we drive better outcomes through compliance
Go beyond readiness with unmatched expertise
Ensuring compliance is never a blocker to innovation
Join the team that's reimagining compliance
Let's make compliance easier—together
Your team of compliance experts is standing by. Meet your auditor on day 1 and get answers when you need them.
Get to know them icon-arrow
Catch up on the latest industry trends and expert insights
Attend the latest webinar or meet with us in person
Actionable tools for your compliance journey
Expert-curated resources for your compliance journey
A podcast for B2B CISOs
Customize and download your free information security policy and be well on your way to SOC 2 compliance.
Use our policy generator icon-arrow
Customer Stories / Hippo
Hippo fashions new ways of working for healthcare practitioners, using wearable technology to bridge the gap between physical and virtual care. In order to gain customer confidence in their ability to handle sensitive patient data, the Hippo team needed to be fully compliant with multiple security frameworks.
As a young, mission-driven company, the Hippo team had only marginal experience with the details of compliance. But Dick Kile, COO of Hippo, knew meeting compliance was a critical task for their growing business.
Dick knew they had to meet certain security requirements in order to win business with healthcare organizations, but needed a partner to walk them through the process. He and the Compliance Team looked for a holistic solution that combined compliance expertise, great customer service, and streamlined technology that could help Hippo not only pass its audits but also shape his team’s thinking about compliance. He found that partner in Thoropass.
Dick and team chose Thoropass to help Hippo lock down its security and privacy areas. With the help of Thoropass’s compliance experts, they determined to move forward with three frameworks that were appropriate for Hippo’s specific business—GDPR, HIPAA, and ISO 27001—and developed a step-by-step plan to get there.
Hippo’s compliance group used Thoropass’s comprehensive compliance platform to organize the evidence and documentation of their policies in one place and match them to the requirements of each framework. The platform also made communication seamless–the Hippo team asked questions nearly every week and received quick responses. The team was especially grateful for his Thoropass Customer Success Manager, who guided the team every step of the way.
Before each of the external audits, Thoropass conducted an internal audit with the Hippo team to ensure they had everything prepared.
“I would say [the internal audit was] exceptionally good. We thought we had it nailed, and we didn’t. They were able to highlight areas where we missed the mark or didn’t have the right evidence,” said Dick Kile.
Hippo achieved its GDPR, HIPAA, and ISO 27001 certifications, raising the bar on compliance and opening the doors to conversations with potential new clients.
In addition to improving its security posture, the certification process helped Hippo formalize its operational policies and procedures, setting it up for future growth. The team learned a lot of valuable information in the process.
Hippo plans to keep its certifications up-to-date and will use future Thoropass product offerings, such pentesting, to identify and resolve any vulnerabilities.
Through its work with Thoropass, the Hippo team has a better understanding of compliance.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
HIPAA
SOC 2
