Compliance
  • 27 Mar 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Compliance

  • Dark
    Light
  • PDF

Rivery obtains an independent SOC2 Type II certification every year, using only well-known audit firms, to ensure our security is maintained to the highest levels. Based on the concepts of security, availability, processing integrity, confidentiality, and privacy, SOC2 defines the requirements for handling customer data.
The audit report is shared with any potential or existing client (under NDA) who wants to confirm our security posture across all relevant business processes and essential infrastructure.

GDPR

General Data Protection Regulation affects every business in the data community that has a presence in the EU or processes the personal data of European residents. Rivery is fully compliant with current European data privacy laws.
Rivery-GDPR.png

HIPAA

Through our annual SOC2 audit, Rivery maintains a compliance
benchmark with the HIPAA standard. All HIPAA-related controls are benchmarked by the company’s auditor and documented under the SOC2 report.
Rivery-HIPAA-1.webp

SOC 2 (Type II)

Rivery relies on AWS located in US global infrastructure, including the facilities, network, hardware, and operational software (e.g. host OS, virtualization software) that support the provisioning and use of basic computing resources storage. Rivery undergoes an independent SOC 2 (Type II) review every year.
This infrastructure is designed and managed according to security best practices as well as a variety of security compliance standards: FedRAMP, HIPAA, ISO 27001:2013, AICPA SOC 1, SOC2, SOC 3, PCI-DSS, and more. AWS constantly updates its compliance programs.

Rivery-Soc.png


Was this article helpful?

What's Next