Facebook  LinkedIn

855.234.2255

Security Status Overview

Third party audit of organizational procedures, policies and controls provide BDI customers with
expert assurances regarding the security of BDI's production and network systems.


Los Angeles, CA (August, 2018)

We are pleased to announce the successful completion of BDI’s annual Service Organization Control (SOC) 2 Type II audit review (audit performed by Marcum, LLP*). The audit results demonstrate our commitment to the highest available standards for security, privacy and service support available in our industry.

The AICPA’s SOC examination guidelines, and the resulting Independent Service Auditor Report, provides detailed information about BDI's security policies and offers assurance in our ability to protect your organization's vital information.

A copy of the SOC 2 Report is now available for direct download by BDI customers via Client Connect, BDI’s secure user interface. After logging in, please visit the Admin Reports tab and click on the Legal Publications folder. Moving forward, you will be able to obtain other up-to-date vendor due diligence information by visiting Client Connect.

AICPA SOC 2 Type 2

What Are Service Organization Control (SOC) Reports?

The American Institute of Certified Public Accountants (AICPA) publishes Service Organization Control (SOC) guides for auditors to utilize when reporting on controls at service organizations.

AICPA SOC 2 Type II, Formerly SAS-70 2017

SOC 2 is based on AT Section 101 of the AICPA professional standards. A SOC 2 report examines controls at a service organization relevant to the security, availability, or processing integrity of a system or the confidentiality or privacy of the information contained in the system (e.g., BDI). These audits are based on the Trust Service Principles, Criteria and Illustrations (AICPA, Technical Practice Aids) established jointly by the AICPA and the Canadian Institute of Chartered Accountants (CICA). A SOC 2 report is intended for existing customers and their auditors, not potential customers or the general public.

SOC TYPE I And TYPE II Reports

In any SOC engagement, the auditor provides a Type I or a Type II report. Type I reports document an auditor's opinion regarding the accuracy, completeness and suitable design of an organization's controls as of a set date. Type II reports audit the implementation of these controls over a set period of time, typically 6 months to a year, with sample testing of each controls' operating effectiveness during the defined period.

AICPA SOC 2 SOC 3 Type II, Formerly SAS-70

AICPA Interpretation on Certification

BDI annually completes its annual SOC 2 Type II audit review. According to the AICPA, there is no "Certified" designation.

As always, look for new information to be posted and referenced on our website or contact us directly if you have any questions. Our customers can access security documents directly through their BDI customer portal.

Marcum, LLP

321 MILLION
eStatements posted


Save Trees 74,500
trees saved


Save Dollars $141 million
postage savings


Saving green
wherever we can!


Updated: March 2019

  • ABOUT BUSINESS DATA, INC.
  • BDI specializes in the creation and delivery of documents and client communications for E-Channels, Traditional Mail and Archive Storage.

    Our mission is to match solutions to customer need with a keen eye on future technologies and innovation opportunities.



    Facebook  LinkedIn JOIN US AT OUR PAGES!