Contrary to many compliance polices, SOC compliance is usually not mandatory to operate inside a provided market like PCI DSS compliance is for processing payment card knowledge. Generally speaking, providers need a SOC audit when their shoppers ask for 1. Formally attest your compliance. An AOC (attestation of compliance) is https://www.nathanlabsadvisory.com/blog/nathan/benefits-of-hipaa-compliance-certification-for-us-professionals/
