May 26, 2022 — ScImage, Inc., a leading provider of cloud-centric enterprise imaging, PACS, and image exchange solutions for the healthcare industry, announced today it has successfully completed its SOC 2 Type 1 report, in accordance with attestation standards established by the American Institute of Certified Public Accountants (AICPA). The achievements underscore ScImage’s commitment to strong internal controls.
SOC 2 is an internationally recognized compliance standard for service organizations, developed by the AICPA (American Institute of CPAs), which specifies how companies should manage and maintain customer data.
Many companies put software into a hosted environment, such as MS Azure, Amazon Web Services, and Google, relying solely on the host’s security strategy, said ScImage’s President and CEO, Sai Raya, PhD.
“SOC 2 Type 1 report for PICOM365 Cloud Enterprise Imaging Services system allows ScImage to demonstrate that we are successfully merging the wealth of security and monitoring features built into the MS Azure platform with our own specific controls and information security wisdom acquired over decades of experience. ScImage is fully committed to the principles of security, confidentiality, and availability,” he said.
Dr. Raya noted that ScImage has been seeing an increase in the number of security documentation requests as the healthcare industry transitions from on-premise to Cloud-based workflow.
ScImage is not new to compliance initiatives. The company’s PicomEnterprise software suite is an FDA 510k approved medical device, and ScImage was granted a Risk Management Framework (RMF)-based Authority to Operate (ATO) authorized by the Defense Health Agency (DHA) in 2017.
“The formal SOC 2 report path, including independent 3PAO audits, is an attestation that ScImage will continue to grow our established service commitments, system requirements, and corporate policies to not only meet, but exceed our valued customers’ and partners’ expectations,” he concluded.
The effort was completed by the professional and independent third-party cybersecurity and compliance audit firm, 360 Advanced, Inc.
For more information: https://scimage.com/
February 20, 2026 
