CAPS completes examination for Information Security Policies and Procedures

The CAPS® data exchange platform has successfully passed a rigorous security examination – Type 1 SOC2 Service Organisation Control (SOC2) – originally set by the American Institute of Certified Public Accountants (AICPA).

The SOC2 examination, which is a globally recognised standard, requires companies to establish and follow strict information security policies and procedures, encompassing the security, availability, processing, integrity, and confidentiality of customer data. The audit was conducted by public accounting and consulting firm Baker Tilly Virchow Krause.

SOC2 reports examine a service organisation’s controls relating to the security, availability or processing integrity of a system, or the confidentiality or privacy of the information processed for user entities.

It ensures that a company’s information security measures are in line with the unique parameters of today’s cloud requirements. As companies increasingly leverage the cloud to store customer data, SOC2 compliance is becoming a necessity for a wide variety of organisations to ensure best practice.

The examination provides evidence that information reported by CAPS® will be transparent, consistent across time, comparable between entities, as complete as possible, scalable and flexible.

David Neave, Chair of the CAPS® National Advisory Council said, “The NAC considered a range of options before proceeding with the SOC2 examination and took advice from the corporate owners of CAPS®. It was agreed that SOC2 would provide the best and most relevant accreditation to ensure the continued security and governance of CAPS®.

“SOC2 is considered a technical audit, but it goes beyond that. We felt it was the right next step as CAPS® evolves to become the industry’s secure and trusted data sharing platform. We believe that the CAPS® community and its stakeholders will be best served if a defined set of information intended to meet their common needs addresses cybersecurity concerns. Achieving SOC2 is integral to this process.

“With thousands of body shops working with numerous insurers and work providers as well as their own extensive supply chains, the amount of valuable data that is passing through hundreds of different systems will only continue to grow. CAPS® is a truly unique solution that is giving customers peace of mind by offering market leading data security. Its controls ensure customers know exactly where their data is flowing and that the system meets their own rigorous compliance needs.”

CAPS is a secure data exchange platform that connects body shops, work providers, insurers and now the wider supply chain to all the major claims and management applications and enables all parties to share data safely and consistently. CAPS® enables body shops to do more in whatever management system they choose to use and allows any company involved in the collision repair process to work more effectively with its chosen partners and better serve its customers by sharing data quickly and seamlessly. One of the additional security benefits of using CAPS® is that it does not store client data.