Commitment to Trust: Our Certifications and Compliance Standards
Compliance and Certifications Statement
Last Updated: March 10, 2025
At MedPro Systems, we are committed to maintaining the highest standards of quality, security and compliance across all facets of our business. We understand the importance of the trust our customers place in us — particularly when it comes to handling sensitive data—and we view that trust as a responsibility we’re honored to uphold. This commitment is deeply embedded in our culture and guides how we operate, innovate and develop our solutions.
To reinforce this trust, we align with globally recognized frameworks and undergo rigorous independent audits to validate our practices. Our certifications and audits demonstrate not only compliance with industry standards but also a proactive approach to safeguarding information and continually improving our systems.
Serving highly regulated industries such as pharmaceuticals and medical device manufacturing, we know that transparency matters. That’s why we provide our customers and partners with clear insight into our approach, controls and third-party validations. Below, you’ll find more details about our certifications, audit results and how to obtain additional documentation.
International Organization for Standardization (ISO)
ISO is a non-governmental organization that develops and publishes international standards to support trade and cooperation.
MedPro is audited annually by an accredited third-party certification body and is certified for compliance with the following ISO standards:
ISO 9001:2015 – Quality Management Systems
This certification reflects our commitment to quality and continuous improvement. It provides a framework to consistently deliver high-quality products and services, improve operational efficiency and enhance customer satisfaction.
ISO/IEC 27001:2022 – Information Security Management
This certification establishes a systematic approach to managing sensitive company and customer information. It supports the implementation and continual improvement of an Information Security Management System (ISMS), focused on protecting the confidentiality, integrity and availability of information assets.
Accessing ISO Certification Information
MedPro’s ISO certificates are available upon request and can also be publicly accessed online at www.iafcertsearch.org.
System and Organization Controls (SOC)
SOC 2 is a set of standards developed by the American Institute of Certified Public Accountants (AICPA) to evaluate how effectively a service organization manages and protects customer data through its internal controls and processes. The SOC 2 Trust Services Criteria (TSC) include security, availability, confidentiality, processing integrity and privacy. Security is the foundational requirement for all SOC 2 reports.
MedPro is committed to continuing our compliance with SOC 2 security criteria and has started the process for SOC 2 Type 2.
SOC 2 Type 1: Trust Service Criteria – Security
MedPro was audited by an independent Certified Public Accountant (CPA) firm, which issued an unqualified opinion confirming that our stated controls meet the SOC 2 Trust Services Criteria (TSC) for security. The report is available as a PDF upon request and approval.
Accessing SOC 2 Information
MedPro’s SOC 2 Type 1 Report for the Security Trust Services Criteria is available on request.
To receive the report, a valid customer contract or a non-disclosure agreement (NDA) is required for all other stakeholders.
The National Institute of Standards and Technology (NIST)
The National Institute of Standards and Technology (NIST), a U.S. Department of Commerce agency, promotes innovation and industrial competitiveness. The NIST Cybersecurity Framework (CSF) is a voluntary set of guidelines that helps organizations strengthen their cybersecurity governance and risk management practices to better prevent, detect and respond to cyber threats.
The CSF includes maturity levels—also known as implementation tiers—that help organizations assess and improve their cybersecurity posture:
NIST CSF Maturity Report
An independent audit of MedPro’s implementation of the NIST Cybersecurity Framework concluded that we have achieved a Repeatable (Tier 3) maturity level.
Accessing NIST CSF Information
MedPro’s NIST CSF Maturity Report is available upon request for customers and stakeholders.