LOS ANGELES, June 30, 2026 (GLOBE NEWSWIRE) -- GCheck, a modern, compliance-first hire-to-retire screening platform and FCRA-regulated consumer reporting agency (CRA), today announced it has achieved SOC 2 Type II compliance. In an examination conducted by Zero Day CPA, an independent licensed CPA firm, GCheck's controls were suitably designed and operated effectively throughout the period from March 1 to May 31, 2026, meeting the SOC 2 Trust Services Criteria for Security.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is the attestation framework used to evaluate how service organizations protect customer data. A SOC 2 report describes an organization’s controls against the relevant Trust Services Criteria, and a Type II report goes a step beyond a Type I report by testing whether those controls operated effectively across a defined review period rather than at a single moment.
A Baseline for Vendor Risk Reviews
For the enterprise HR, security, and procurement teams that evaluate screening vendors across financial services, technology, government, manufacturing, staffing, transportation, and other regulated industries, a SOC 2 Type II report has shifted from a differentiator to a baseline. Security questionnaires, third-party risk assessments, and procurement reviews increasingly treat it as a condition for handling sensitive or regulated data.
Screening involves some of the most sensitive personal data an organization collects, including Social Security numbers, criminal and court records, identity documents, drug and health screening results, and professional credentials. The examination gives the people accountable for that data evidence, tested over time, that GCheck’s controls perform as intended.
“A promise about security is easy to make on any given day. A SOC 2 Type II report is harder, because it tests whether your controls actually held up over months, not whether they looked right once,” said Houman Akhavan, Founder and CEO of GCheck. “Customers hand us the most sensitive data in their hiring process, and this is independent proof that we protect it the way we say we do.”
One Platform, One Examination
GCheck delivers employee screening across the hiring lifecycle through one unified platform, spanning background checks, identity verification, credential and employment verifications, and drug and health screening. The SOC 2 Type II examination covers the security controls over how GCheck handles candidate data in its background check and screening service, rather than at one isolated step.
For organizations consolidating screening vendors, that means one vendor to evaluate across the hiring lifecycle rather than several, with GCheck's SOC 2 Type II examination covering its controls over the candidate data its background check and screening service handles, including the data exchanged with the more than 50 ATS and HRIS systems GCheck integrates with.
That approach reflects GCheck’s Compliance for Good® operating standard, which treats security and privacy as foundational to screening rather than administrative add-ons.
“Vendor security reviews are getting more demanding, and they should be,” said Pat Hartonian, Chief Compliance Officer at GCheck. “A SOC 2 Type II report answers those reviews with independent evidence rather than assurances.”
Secure data handling sits at the center of the Protective Compliance pillar of GCheck’s Compliance for Good® framework, and the SOC 2 Type II examination is documented evidence of it, in service of the candidates and employees whose data GCheck is entrusted to protect.
GCheck manages its SOC 2 program on the Drata Agentic Trust Management Platform, which continuously monitors controls, flags risks as they surface, and keeps evidence audit-ready. That ongoing oversight keeps GCheck's security posture current between examinations, so the trust its customers place in it holds up every day.
Learn more about GCheck’s approach to security and compliance at the GCheck Trust Center here and explore the latest GCheck news and updates here.
About GCheck
GCheck is a modern, hire-to-retire screening platform dedicated to Compliance for Good®, helping organizations hire and retain with speed, accuracy, and fairness. We operate across the entire employee lifecycle, delivering background checks, identity verification, drug testing, employment and professional verifications, continuous monitoring, and compliance management through one unified platform.
Our Compliance for Good® framework is built on three pillars: Transparent Compliance, Fair Compliance, and Protective Compliance, ensuring every screening decision upholds dignity, reduces risk, and strengthens trust. GCheck serves enterprise HR teams, healthcare organizations, nonprofits, and regulated industries that need more than a fast check; they need a compliant, ethical, and audit-ready screening partner.
To learn more, visit gcheck.com.
About Drata
Drata provides the trust network that enables businesses to operate, scale, and partner with confidence. Powered by AI and designed to operationalize trust, the Drata Agentic Trust Management Platform continuously interprets controls, risk, and assurance signals—reducing repetitive manual work while improving visibility into internal and third-party risk, enabling always-on audit readiness across compliance frameworks, and accelerating security reviews. Purpose-built for enterprise complexity, Drata unifies governance, risk, compliance, and assurance to deliver faster time-to-value, reduce operational overhead, and enable continuous trust for 8,500+ organizations worldwide. For more information, visit drata.com.
Media Contact
GCheck Media
press@gcheck.com
