CentralReach Completes SOC 2 Type 2 Annual Certification for Security Operations and Data Protection Services

FORT LAUDERDALE, Fla., April 29th, 2025

CentralReach, a leading provider of Autism and IDD Care software for ABA, multidisciplinary, and special education, today announced it has successfully completed its annual Service Organization Control (SOC) 2 Type 2 audit for the fifth year in a row, underscoring the company’s continued commitment to privacy and security.

Assessing operational policies, practices and procedures, research and development functions, data protection, and privacy and security policies, BDO, the independent accounting and consulting firm that conducts the SOC 2 Type 2 annual certification, found CentralReach’s security practices and procedures met or exceeded the high standards of compliance. This certification marks CentralReach as one of the only autism and IDD software providers to receive certification for its best-in-class privacy and security measures.

“CentralReach is committed to upholding the highest standards of data protection, safeguarding the security and privacy of our customers' information at every level,” said Perry Pappas, CentralReach’s chief legal and compliance officer. “Successfully completing our annual SOC 2 Type 2 assessment reinforces our focus on adhering to rigorous, industry-leading privacy and security policies, practices, and procedures that build upon the culture of security we have at CentralReach.”

Evaluating how organizations handle sensitive data and the effectiveness of their security protocols, the SOC 2 Type 2 report is a comprehensive and robust assessment of security, availability, confidentiality, processing integrity, and privacy. Reports provide industry-wide acknowledgment that organizations adhere to trust service principles set by the American Institute of Certified Public Accountants, enabling clients and partners to assess the quality of security offered by their cloud-based service providers.

In addition to adhering to SOC 2 Type 2 privacy and security measures, CentralReach is HIPPA, TRUSTe, FERPA, and PCI compliant. For more information on CentralReach’s multi-compliant data security infrastructure, visit: centralreach.com/about/security/.