Hear AcuityMD’s Co-Founder and CEO, Mike Monovoukas, discuss its compliance journey and how SOC 2 is helping them gain credibility and close bigger deals in a highly regulated space:

The challenge

The procurement process in the MedTech space, especially with larger enterprises, has only become more complex over the last few years. Not only is there data privacy to consider but there is also security and security review. AcuityMD needed a partner to support them on both critical dimensions. They know their customers scrutinize them rigorously, so having firm policies in place, particularly around data retention and backup, would be key for them.

A seamless audit experience

AcuityMD partnered with Thoropass for the expert guidance they needed to hit the ground running with their SOC 2. Once onboarded, they were ready to respond to their first security questionnaire within weeks. When it came time for the Type 1 audit, Mike felt empowered and confident knowing all documents and processes within the Thoropass platform were fully up-to-date and communication with their auditor could happen all in one central place.

A few short years later, AcuityMD has grown its employee base by over 6X and works with over 90 medical device customers. Mike attributes this impressive growth in large part to achieving SOC 2. 

With SOC 2 Type 1 now in place, AcuityMD can establish credibility with their enterprise buyers and shorten overall sales cycles, particularly with the IT buyer. 

Mike’s advice to other MedTech CEOs

Mike says: The earlier you can develop policies and procedures that will get you on the path to SOC 2, the better. Getting into the habit of having great security and compliance from day one will set you up to accelerate your sales cycles and attract and retain talented engineering leaders. With good habits in place early, compliance won’t be a distraction when you scale. 





Company size



United States