Company announcements

Firefly Health Successfully Completes SOC 2 Audit

Published July 28, 2023

SOC 2 badge

Watertown, MA July, 28, 2023 — Firefly Health – a virtual-first healthcare company announced its successful completion of its SOC 2 Type II audit as of May 17th, 2023 for the period of February 1st to April 30th as it looks to uphold the highest standards of data security and privacy in the healthcare industry

The SOC 2 audit was conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks.

“Data security is essential for trust in today’s era of digital health," said Fay Rotenberg, CEO, Firefly Health. "This certification demonstrates our unwavering dedication to safeguarding our clients' sensitive information. As we grow as an organization, we are committed to upholding the infrastructure needed to meet the evolving security and privacy needs of our customers."

Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, to ensure the personal assets of their potential and existing customers are protected. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures and operations have been formally reviewed.

“A SOC 2 audit is a statement about an organization’s commitment to protecting their information.” said Stephanie Oyler-Rankin, SOC Practice Lead at A-LIGN. “As a trusted third-party assessment firm, A-LIGN independently evaluates client data processes and procedures, governance on internal controls and security posture. Firefly Health’s SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”

About Firefly Health

Firefly Health delivers a refreshingly personal and convenient healthcare experience. By engaging members early and often, Firefly develops trust and rapport so members always know where to turn. With Firefly’s primary care service, employees can access their own care team anytime, anywhere for any reason. Firefly can also be offered as a virtual-first health plan, integrating their superior virtual primary care with navigation and coverage to make it easy and affordable for employees to tend to their health and well-being. Learn how to create a healthier, more satisfied team today at

About A-LIGN

A-LIGN uniquely delivers a single-provider approach as a licensed SOC 1 and SOC 2 Assessor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HITRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and Qualified Security Assessor Company. A-LIGN ASSURANCE is a licensed certified public accounting firm registered as Price and Associates CPAs, LLC. A-LIGN may refer to the entities of both A-LIGN and A-LIGN ASSURANCE collectively as A-LIGN. For more information, visit

Media Contact

Liz Kellogg,