- 1 Minute to read
- 1 Minute to read
Rivery obtains an independent SOC2 Type II certification every year, using only well-known audit firms, to ensure our security is maintained to the highest levels. Based on the concepts of security, availability, processing integrity, confidentiality, and privacy, SOC2 defines the requirements for handling customer data.
The audit report is shared with any potential or existing client (under NDA) who wants to confirm our security posture across all relevant business processes and essential infrastructure.
This certification confirms that Rivery has implemented a robust information security management system (ISMS) that meets the strict requirements of the ISO 27001 standard.
To maintain compliance with ISO 27001, Rivery undergoes regular audits and assessments to validate the efficacy and currency of our security controls.
As a result, Rivery customers can be assured that their data is being processed and stored in a secure manner and that the organization is regularly audited to maintain compliance with the standard.
General Data Protection Regulation affects every business in the data community that has a presence in the EU or processes the personal data of European residents. Rivery is fully compliant with current European data privacy laws.
Through our annual SOC2 audit, Rivery maintains a compliance
benchmark with the HIPAA standard. All HIPAA-related controls are benchmarked by the company’s auditor and documented under the SOC2 report.
SOC 2 (Type II)
Rivery relies on AWS located in US global infrastructure, including the facilities, network, hardware, and operational software (e.g. host OS, virtualization software) that support the provisioning and use of basic computing resources storage. Rivery undergoes an independent SOC 2 (Type II) review every year.
This infrastructure is designed and managed according to security best practices as well as a variety of security compliance standards: FedRAMP, HIPAA, AICPA SOC 1, SOC2, SOC 3, PCI-DSS, and more. AWS constantly updates its compliance programs.