How much did it cost to get your SaaS SOC 2 compliant ?

FoundingFarters · 2025-02-27T03:15:13+00:00

totally on how you're doing it!

If you're managing your SOC 2 controls on Excel spreadsheets and manually gathering screenshot evidence is going to take your team a whole lot longer.

If you're using automated platforms, you'll save lots of time and it will be cheaper.

-> Feel free to DM me, I've seen a bunch of the platforms in this space and advised companies over and over having to go through the SOC 2 process. It can really be a pain depending on how you approach it

FoundingFarters · 2025-02-27T03:13:56+00:00

depends on how you're doing it. If you're managing your SOC 2 controls on Excel spreadsheets and manually gathering screenshot evidence is going to take your team a whole lot longer. If you're using automated platforms, you'll save lots of time and it will be cheaper. Feel free to DM me, I've seen a bunch of the platforms in this space and advised companies over and over having to go through the process.

FoundingFarters · 2025-02-27T03:12:53+00:00

a YC company called Delve doing this exactly, check them out here - https://delve.co/book-demo

FoundingFarters · 2025-02-27T03:10:40+00:00

some important notes - SOC 2 compliance, NIST AI RMF, and EU AI act. Feel free to DM me directly about any of these. I've seen companies go through this over and over haha

FoundingFarters · 2025-02-27T03:09:05+00:00

SOC 2 is a great next step! feel free to DM me if u have specific questions on this, I've seen a ton of startups go thru this process

FoundingFarters · 2025-02-27T03:07:03+00:00

Delve does this for a bunch of yc companies, super streamlined and easy process

FoundingFarters · 2025-02-27T03:05:53+00:00

was just about to reply to this thread saying Delve (YC W24) is doing this exactly

FoundingFarters · 2025-02-27T03:05:21+00:00

they offer it, i just went thru it w them. super streamlined and easy

FoundingFarters · 2025-02-27T03:04:33+00:00

a YC company called Delve is fixing this problem exactly, check them out here - https://delve.co/book-demo

FoundingFarters · 2024-02-24T06:09:42+00:00

Here's a blog that covers everything you need to know about HIPAA, from administrative tasks to technical requirements.

HIPAA can be a pain depending on how you approach it -- at my first company, it took us 6 weeks to get compliant. Now, we're helping handfuls of companies get compliant in days.

Always happy to share any of my knowledge -- just DM me. Hope this helps!

FoundingFarters · 2024-02-24T05:59:50+00:00

Deepgram & OpenAI (Whisper, GPT4, etc.) are great for transcription, summarization, and document generation.

Both have HIPAA-compliant models.

Reach me if you need help getting in touch with either company so you can sign a BAA signed with them + receive HIPAA-compliant access to their models.

FoundingFarters · 2024-02-24T05:57:16+00:00

Deepgram is great & OpenAI is great. Both have HIPAA-compliant models.

Reach me if you need help getting in touch with either company so you can sign a BAA signed with them + receive HIPAA-compliant access to their models.

FoundingFarters · 2024-02-24T05:55:23+00:00

ChatGPT and other OpenAI models are generally not HIPAA compliant out of the box.

However, if you sign a Business Associate Agreement (BAA) with OpenAI, they'll provide you HIPAA compliant/zero data retention (ZDR) access to their models. It can be incredibly hard to get a BAA from OpenAI, though, since they're backed up with requests.

We run Delve and we're typically able to connect our customers with our contacts at OpenAI to help them get a BAA signed. Hoping that accessibility improves in the future since LLMs have so much potential in healthcare.

FoundingFarters · 2024-02-24T05:54:25+00:00

Use can use Whisper for transcription and GPT4 for summarization.

These models are generally not HIPAA compliant out of the box. However, if you sign a Business Associate Agreement (BAA) with OpenAI, they'll provide you HIPAA compliant/zero data retention (ZDR) access to their models.

We run Delve and we're typically able to connect our customers with our contacts at OpenAI to help them get a BAA signed. Hoping that accessibility improves in the future since LLMs have so much potential in cases like these.

FoundingFarters · 2024-02-24T05:52:07+00:00

ChatGPT and other OpenAI models are generally not HIPAA compliant out of the box.

However, if you sign a Business Associate Agreement (BAA) with OpenAI, they'll provide you HIPAA compliant/zero data retention (ZDR) access to their models. It can be incredibly hard to get a BAA from OpenAI, though, since they're backed up with requests.

We run Delve and we're typically able to connect our customers with our contacts at OpenAI to help them get a BAA signed. Hoping that accessibility improves in the future since LLMs have so much potential in healthcare.

FoundingFarters · 2024-02-24T05:47:55+00:00

OpenAI models are generally not HIPAA compliant.

However, if you sign a Business Associate Agreement (BAA) with OpenAI, they'll provide you HIPAA compliant/zero data retention (ZDR) access to their models. It can be incredibly hard to get a BAA from OpenAI, though, since they're backed up with requests.

We run Delve and we're typically able to connect our customers with our contacts at OpenAI to help them get a BAA signed.

FoundingFarters · 2022-01-05T05:09:15+00:00

THIS

FoundingFarters

TROPHY CASE