News Release

Spok Solutions Achieve SOC 2 Type II and JITC Certifications

Rigorous audits validate Spok as a trusted partner in the highly regulated industries of healthcare and public safety.
SPRINGFIELD, Va. (September 20, 2017) – Spok, Inc., a wholly owned subsidiary of Spok Holdings, Inc. (NASDAQ: SPOK) and the leader in healthcare communications, announced that its paging, secure messaging, and emergency notification solutions have earned Service Organization Control 2 (SOC 2) Type II validation.  This designation follows an extensive audit performed by a leading global professional services firm. The audit confirms that Spok’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security, integrity, availability, privacy, and confidentiality.
The SOC 2 Type II certification, developed by the American Institute of Certified Public Accountants (AICPA), is the most widely recognized method for sharing independently reviewed information about a service organization’s internal controls.

“Cybersecurity has become a top priority for executives in all industries, but especially in healthcare,” said Tom Saine, CISSP, Chief Information Officer of Spok, Inc. “As the trusted name and leader in healthcare communications, being SOC 2 Type II certified demonstrates our ongoing commitment to our customers. We’re invested in maintaining the highest levels of security and compliance.”
Several Spok solutions also have received Joint Interoperability Test Command (JITC) certification and are now listed on the Department of Defense Unified Capabilities Approved Products List. This includes the latest versions of Spok® pc/psap, a 911 call center call-taking and dispatch console; Spok MediaSTAR call recording; and Spok’s IP phone tracking gateway. Communications between servers, workstations, and PBX phone systems among all Spok solutions are fully encrypted to keep data secure.

The accreditation means these Spok solutions meet or exceed the levels of security and interoperability required by the U.S. government and the U.S. military. JITC certification covers Information Assurance (IA) Accreditation from the Defense IA/Security Accreditation Working Group (DSAWG) and Interoperability Certification (IOC) from the Joint Staff (JS).
To earn JITC certification, Spok completed rigorous federal government testing and compliance processes under real-life conditions. JITC serves the Defense Information Systems Agency, combatant commands, the Department of Defense, other federal agencies, U.S. allies, coalition partners, and commercial vendors.
“Spok solutions have been put to the test, and our SOC 2 Type II and JITC certifications demonstrate that they meet the rigorous requirements needed to protect sensitive information,” said Vincent D. Kelly, President and Chief Executive Officer of Spok Holdings, Inc. “These accomplishments assure our customers in healthcare and public safety that Spok solutions offer the flexibility and security they need for critical communications.”

About Spok

Spok, Inc., a wholly owned subsidiary of Spok Holdings, Inc. (NASDAQ: SPOK), headquartered in Plano, Texas, is proud to be a global leader in healthcare communications. We deliver clinical information to care teams when and where it matters most to improve patient outcomes. Top hospitals rely on the Spok Care Connect® platform to enhance workflows for clinicians and support administrative compliance. Our customers send over 70 million messages each month through their Spok® solutions. Spok enables smarter, faster clinical communication.

Spok is a trademark of Spok Holdings, Inc. Spok Mobile and Spok Care Connect are trademarks of Spok, Inc.

Safe Harbor Statement under the Private Securities Litigation Reform Act: 

Statements contained herein or in prior press releases which are not historical fact, such as statements regarding our future operating and financial performance, are forward-looking statements for purposes of the safe harbor provisions under the Private Securities Litigation Reform Act of 1995. These forward-looking statements involve risks and uncertainties that may cause our actual results to be materially different from the future results expressed or implied by such forward-looking statements. Factors that could cause actual results to differ materially from those expectations include, but are not limited to, our ability to manage wireless network rationalization to lower our costs without causing disruption of service to our customers; our ability to retain key management personnel and to attract and retain talent within the organization; the productivity of our sales organization and our ability to deliver effective customer support; our ability to identify potential acquisitions, finance, consummate and successfully integrate such acquisitions, and achieve the expected benefits of such acquisitions; economic conditions, such as recessionary economic cycles, the impact of trade disputes, tariffs and other trade protection measures,  higher interest rates, inflation and higher levels of unemployment; risks related to our overall business strategy, including maximizing revenue and cash generation from our established businesses and returning capital to stockholders through dividends and repurchases of shares of our common stock; competition for our services and products from new technologies or those offered and/or developed from firms that are substantially larger and have much greater financial and human capital resources; continuing decline in the number of paging units we have in service with customers, commensurate with a continuing decline in our wireless revenue; our ability to address changing market conditions with new or revised software solutions; undetected defects, bugs, or security vulnerabilities in our products; our dependence on the United States healthcare industry; long sales cycle of our software solutions and services; our reliance on third-party vendors to supply us with wireless paging equipment; our ability to maintain successful relationships with our channel partners; our ability to protect our rights in intellectual property that we own and develop and the potential for litigation claiming intellectual property infringement by us; our use of open source software, third-party software and other intellectual property; our reliance on data centers and other computer systems, hardware, software and satellite networks and telecommunications systems infrastructure (collectively, “IT Systems”) and technologies provided by third parties, and technology systems and electronic networks supplied and managed by third parties; cyberattacks, data breaches, system disruptions or other compromises to our or our critical third parties’ IT Systems (as defined below), data, products or services; our ability to realize the benefits associated with our deferred income tax assets; future impairments of our long-lived assets or goodwill; risks related to data privacy and protection-related laws and regulation; and our ability to manage changes related to regulation, including laws and regulations affecting hospitals and the healthcare industry generally, as well as other risks described from time to time in our periodic reports and other filings with the Securities and Exchange Commission. Although Spok believes the expectations reflected in the forward-looking statements are based on reasonable assumptions, it can give no assurance that its expectations will be attained. Spok disclaims any intent or obligation to update any forward-looking statements.

Media Inquiries

Al Galgano
+1 (952) 224-6096
al.galgano@spok.com