SOC 2 vendors for Healthcare
Vendors that support SOC 2 (Service Organization Control 2) and explicitly serve healthcare customers. Listings verified April 24, 2026.
| Vendor | HQ | Founded | Size | Pricing | Last verified |
|---|---|---|---|---|---|
| Scrut Automation | Palo Alto, US | 2021 | 51-200 | Contact for pricing | Apr 24, 2026 |
| WhyLabs | Seattle, US | 2019 | 11-50 | Contact for pricing | Apr 24, 2026 |
| Drata | San Francisco, US | 2020 | 501-1000 | Contact for pricing | Apr 24, 2026 |
| Giskard | Paris, France | 2021 | 11-50 | Contact for pricing | Apr 24, 2026 |
| Credo AI | Palo Alto, US | 2020 | 51-200 | Contact sales for enterprise subscription quote. Credo AI homepage | Apr 26, 2026 |
| Arthur | New York, US | 2019 | 51-200 | Contact for pricing | Apr 26, 2026 |
| Lasso Security | Tel Aviv, IL | 2023 | 11-50 | Enterprise pricing only. Not publicly listed. | Apr 27, 2026 |
| Knostic | Herndon, US | 2023 | 11-50 | Contact for pricing | Apr 27, 2026 |
About SOC 2
SOC 2 is an AICPA auditing standard for service organizations, evaluating controls relevant to security, availability, processing integrity, confidentiality, and privacy. While not AI-specific, SOC 2 Type II reports are table stakes for B2B SaaS vendors — including AI governance platforms — and are frequently mapped to AI-specific risk frameworks.
Read framework guide →About Healthcare
Hospitals, payers, and digital health companies using AI for clinical decision support, imaging, coding, prior authorization, and patient engagement. Regulated by FDA SaMD, HIPAA, and HHS Section 1557 non-discrimination rules in addition to AI-specific laws.
See all healthcare vendors →