Achieve infosec compliance without the headaches
Manage your risk and maintain compliance with ease
Evidence requests, questionnaires, penetration tests, all-in-one
Meet your auditor on day 1 and eliminate any surprises
Connect to the tools that matter most for your audit
See how our automated platform provides more than just readiness through clear roadmaps, transparent communication, and in-app audits
Get the recording icon-arrow
Stand out in a highly regulated industry
Minimize your risk while maximizing returns
Safeguard your data and close more deals
A bespoke solution for your unique business
Steve Heilenman | CIO, Benefix
Read More icon-arrow
Financial data security without the stress
Efficient SOC 2 compliance with no surprises
Enhance your security posture and build trust worldwide
Stay on top of data privacy regulations
Secure transactions,no matter your scale
Protect patient health data with confidence
Stand out in highly regulated industries
Many more standards including custom frameworks
Josh Horowitz | CTO, Stylo
Explore more success stories icon-arrow
Find out why the OrO Way is the best way to do compliance
See how we drive better outcomes through compliance
Go beyond readiness with unmatched expertise
Ensuring compliance is never a blocker to innovation
Join the team that's reimagining compliance
Let's make compliance easier—together
Your team of compliance experts is standing by. Meet your auditor on day 1 and get answers when you need them.
Get to know them icon-arrow
Catch up on the latest industry trends and expert insights
Attend the latest webinar or meet with us in person
Actionable tools for your compliance journey
Expert-curated resources for your compliance journey
A podcast for B2B CISOs
Customize and download your free information security policy and be well on your way to SOC 2 compliance.
Use our policy generator icon-arrow
Customer Stories / Tellescope
Tellescope offers a patient relationship management platform that enables healthcare organizations to seamlessly manage patient care journeys. In order to keep patient data secure and win customer trust, Tellescope prioritized HIPAA compliance from day one—but found they needed to strengthen their security posture further in order to grow.
A few years into the business, Derek Strauss, COO & Co-Founder of Tellescope, needed to raise the bar to meet prospective customers’ security standards. The large healthcare organizations they were targeting required not just HIPAA, but SOC 2 compliance as well.
At first, Derek and his team tried to meet the standards with a free self-serve compliance solution that relied heavily on the company to manage its own compliance process.
Derek realized they needed outside expertise to get the job done efficiently and correctly. They explored a few well-known vendors in the space, but those solutions only offered the prep work and not an in-house auditor—Tellescope would still have to find a third-party auditor for their audit that might not’ve been as familiar with the software they were using.
When Derek met Thoropass representatives at an event, he learned there was a better way.
Derek chose Thoropass to help Tellescope achieve its SOC 2 Type 1 audit. The deciding factor was the comprehensive nature of Thoropass’s integrated model, which marries easy-to-use software with in-house compliance experts and auditors who offer ongoing guidance and checkpoints.
“Thoropass’s pricing, software, and customer success team were everything we needed rather than trying to figure it out ourselves,” said Derek.
From the initial scoping call, Thoropass’s infosec team helped Derek and his technical co-founder, Sebastian Coates, figure out exactly which controls Tellescope needed for their unique business case. A smooth onboarding process and weekly check-ins with their dedicated Customer Support Manager helped Derek and his team through the process with confidence and clarity.
The Tellescope team had a contractual deadline to achieve SOC 2 Type 1 compliance in order to secure their biggest customer to date. With Thoropass’s streamlined solution, they started the process in December and completed their audit in February—successfully meeting their customer’s deadline.
Since then, the SOC 2 Type 1 report has offered peace of mind to both Tellescope and its prospective customers. According to Derek, healthcare organizations have had no issues or questions regarding the quality of the audit.
As a next step, Tellescope is now working with the Thoropass team on their SOC 2 Type 2 audit, due to be completed in September.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
GDPR, SOC 2, Unified Compliance Framework
ISO 27001, SOC 2
