Achieve infosec compliance without the headaches
Manage your risk and maintain compliance with ease
Evidence requests, questionnaires, penetration tests, all-in-one
Meet your auditor on day 1 and eliminate any surprises
Connect to the tools that matter most for your audit
See how our automated platform provides more than just readiness through clear roadmaps, transparent communication, and in-app audits
Get the recording icon-arrow
Stand out in a highly regulated industry
Minimize your risk while maximizing returns
Safeguard your data and close more deals
A bespoke solution for your unique business
Steve Heilenman | CIO, Benefix
Read More icon-arrow
Financial data security without the stress
Efficient SOC 2 compliance with no surprises
Enhance your security posture and build trust worldwide
Stay on top of data privacy regulations
Secure transactions,no matter your scale
Protect patient health data with confidence
Stand out in highly regulated industries
Many more standards including custom frameworks
Josh Horowitz | CTO, Stylo
Explore more success stories icon-arrow
Find out why the OrO Way is the best way to do compliance
See how we drive better outcomes through compliance
Go beyond readiness with unmatched expertise
Ensuring compliance is never a blocker to innovation
Join the team that's reimagining compliance
Let's make compliance easier—together
Your team of compliance experts is standing by. Meet your auditor on day 1 and get answers when you need them.
Get to know them icon-arrow
Catch up on the latest industry trends and expert insights
Attend the latest webinar or meet with us in person
Actionable tools for your compliance journey
Expert-curated resources for your compliance journey
A podcast for B2B CISOs
Customize and download your free information security policy and be well on your way to SOC 2 compliance.
Use our policy generator icon-arrow
Customer Stories / MedCall
MedCall specializes in telehealth triage services tailored for workers’ compensation, offering companies 24/7 access to emergency care physicians for injured employees. Their platform ensures immediate medical attention for workplace injuries, helping businesses manage healthcare needs efficiently while controlling workers’ compensation costs.
Achieving SOC 2 compliance is not just a badge of honor for MedCall—it’s an important testament to their unwavering commitment to security, reliability, and confidentiality. Meeting these high industry standards is crucial for building and maintaining trust with their clients. However, navigating the complexities of SOC 2 attestation can be daunting.
MedCall was already working with Legion Cyberworks, a trusted partner known for their deep knowledge in cybersecurity, infrastructure, and support. Despite having a strong partner in Legion Cyberworks, they lacked the right software to streamline their approach. That’s when Legion Cyberworks introduced them to Thoropass. The challenge was to seamlessly integrate Legion Cyberworks’ capabilities with the advanced tools and support provided by Thoropass to achieve their compliance goals efficiently and effectively.
MedCall’s journey to achieving SOC 2 attestation was a complex process, made manageable with the invaluable support of their Thoropass Service Partner, Legion Cyberworks. Leveraging their deep expertise in cybersecurity, Legion Cyberworks conducted thorough vulnerability and penetration tests, delivered ongoing managed services, and provided crucial compliance knowledge, ensuring MedCall’s adherence to key trust principles: security, confidentiality, and availability. With the ability to use Thoropass’s compliance automation software as a central hub, the timeline for the MedCall team to achieve SOC 2 was dramatically condensed.
Thanks to the collaborative approach of these companies, the compliance journey, which spanned only a few months, was relatively smooth. The team’s Thoropass CSM played an important role in guiding MedCall through the process, making the connection between their AWS infrastructure and the Thoropass platform one of the easier aspects of the journey. The comprehensive roadmap, detailed dashboard, and integration of resources offered by Thoropass were standout features, saving time and proving to be highly useful.
While SOC 2 attestation can be challenging, by making the strategic decision to work with Legion Cyberworks, Medcall’s process was much more efficient. Legion Cyberworks’ honesty and expertise gave MedCall the confidence they needed to pursue the SOC 2 attestation process. and their support was critical for the initial onboarding and implementation of the Thoropass platform and for ensuring that MedCall remains in compliance efficiently over the long term.
Adding Thoropass to the mix ensured a frictionless audit, which integrated naturally to the compliance process. The smooth and seamless audit process further proved the effectiveness of this partnership, showcasing the importance of the relationship between MedCall, Thoropass, and Legion Cyberworks in achieving and maintaining high compliance standards.
MedCall’s journey to achieving SOC 2 attestation has been a resounding success, thanks to the collaborative efforts of Thoropass and Legion Cyberworks. The outcome of this compliance journey has met and exceeded MedCall’s expectations, ensuring that they are well-positioned to maintain their security posture and compliance standards going forward.
To support their continuous commitment to security and compliance, MedCall has engaged Legion Cyberworks in ongoing partnership to help with monitoring and support. Legion’s expertise has proven to be critical, providing MedCall with the assurance that its security posture remains strong and that they are always prepared for the next audit.
Having the SOC 2 attestation is crucial to MedCall’s business operations. An annual SOC 2 report is mandatory for many of their customers, making this attestation essential for maintaining customer trust and meeting contractual obligations. MedCall leverages Thoropass’s continuous compliance services, ensuring that they “don’t take their foot off the gas” when it comes to monitoring and maintaining their attestation.
As MedCall looks ahead to pursuing SOC 2 Type 2 certification, they express confidence in the Thoropass platform and hands-on support from Legion Cyberworks. Both products and services have proven to be effective, and MedCall is eager to see how the partnership will continue to evolve as they take on the next compliance challenge.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
HIPAA
Penetration Testing, SOC 2
