Not like quite a few compliance rules, SOC compliance is usually not necessary to work in the provided business like PCI DSS compliance is for processing payment card information. On the whole, organizations have to have a SOC audit when their clients request just one. The GDPR shields private info https://www.nathanlabsadvisory.com/blog/tag/dpias/
