League achieves SOC 2 Compliance

Today we were pleased to announce that we have completed our Service Organization Control (SOC) 2 Type II examination. Currently HIPAA and PIPEDA compliant, the completion of this examination is the latest step in League’s ongoing commitment to protect personal health information and give its members better access to and control over their personal data.

“Security is at the heart of every process and technology we use across our teams at League,” said Mike Serbinis, founder and CEO of League. “We’re committed to protecting our members’ data, and our highest priority is keeping sensitive information — especially personal health information — safe.”

Through its enterprise health OS, League allows employers — including customers like Unilever, Uber, Shopify, and Lush Cosmetics — to deliver personalized health recommendations that actively support employees’ health and wellness through a single access hub. This new “front door” to healthcare eliminates the current sea of point solutions via an integrated ecosystem of over 100 insurance carriers, healthcare partners and HRIS systems. Millions of dollars are moved securely and in compliance to HIPAA standards through League’s platform. In 2018, members purchased more than $1.5M of wellness products and services through League’s Marketplace which offers ecommerce integration with leading partners such as ClassPass and Headspace to help users integrate healthier habits into their daily lives, saving members more than $300,000.

“Our members trust us with their personal health information, so we can help them be their healthiest selves everyday. Our privacy and security by design approach allows us to adhere to strict security and compliance standards not only because we need to meet specific regulations, but because we consider it one of the most important things we can do for customers,” Serbinis added.

League’s platform is regularly audited by 3rd parties to make sure it complies with security, availability and confidentiality requirements for managing client data. The compliance and security team continually improves the framework to meet changing and ever-stricter security and compliance needs.

Developed by the American Institute of Certified Public Accountants Trust Principles, the SOC 2 examination confirms League meets its security and availability controls. The examination was conducted by PWC.