SOC 2 Type II for AI platforms: what it actually proves (and what it doesn't)
Every AI vendor claims to be "SOC 2 compliant." Most procurement teams check the box and move on. This is a mistake. SOC 2 is not a pass/fail certification — it's a detailed report on how a company handles your data. Understanding what's in that report (and what's not) is the difference between genuine security assurance and security theater.
Type I vs. Type II: the difference that matters
SOC 2 Type I says: "On this specific date, our security controls were designed correctly." It's a snapshot. A company could have had terrible security practices for years, fixed everything the week before the audit, and received a Type I report.
SOC 2 Type II says: "Over a sustained period (typically 6-12 months), our security controls were operating effectively." This is what matters. Type II proves consistency — the controls aren't just designed well, they're actually being followed day after day.
If your vendor only has Type I, ask when Type II is expected. If they don't have a timeline, that's a red flag.
The five Trust Services Criteria
SOC 2 covers five areas. Not all vendors are audited on all five:
- Security (required): Protection against unauthorized access. Firewalls, encryption, access controls, intrusion detection. Every SOC 2 report covers this.
- Availability: System uptime and disaster recovery. Is the vendor's SLA backed by actual infrastructure, or just a number in a contract?
- Processing Integrity: Data is processed accurately and completely. Critical for AI tools — does the system produce reliable, consistent results?
- Confidentiality: Sensitive data is protected throughout its lifecycle. For tender documents containing competitive intelligence, this is non-negotiable.
- Privacy: Personal data handling aligns with stated privacy policies. Relevant if your tender documents contain personnel information.
Ask your vendor which criteria their SOC 2 covers. "Security only" is the baseline. For AI procurement tools handling competitive tender data, you want at least Security and Confidentiality.
What to look for in the report
When a vendor shares their SOC 2 Type II report, focus on:
- Scope: Which systems are covered? A vendor might have SOC 2 for their marketing website but not for the AI processing infrastructure where your data actually lives.
- Exceptions: Any control failures noted by the auditor. A single exception isn't necessarily disqualifying, but the vendor should explain it and show remediation.
- Sub-service organizations: Does the vendor use third-party infrastructure (AWS, GCP, Azure)? Those providers should have their own SOC 2 reports referenced.
- Audit period: More recent is better. A report from 18 months ago may not reflect current practices.
- Auditor: A Big Four firm or recognized security audit firm provides stronger assurance than an unknown auditor.
What SOC 2 doesn't cover
SOC 2 doesn't tell you:
- Whether your data is used for model training (this requires a separate contractual commitment)
- Where your data is physically stored (data residency requires separate verification)
- How the vendor handles AI-specific risks like prompt injection or model hallucination
- Whether the vendor will notify you of a breach within your required timeframe
SOC 2 is the foundation, not the entire security assessment. Use it as a starting point, then ask the questions above separately.
MedStrato's approach
MedStrato has a SOC 2 Type II attestation covering Security and Confidentiality. Our report is available under NDA to customers and prospects. We additionally provide: contractual no-training guarantees, data residency commitments, breach notification within 72 hours, and annual penetration testing by a third-party firm.