How does Authenticate® ensure compliance?

Comprehensive Security and Compliance at Authenticate®: Adhering to SOC 2, HIPAA, PCI DSS, GDPR, CCPA, FCRA, DPPA, and GLBA Standards

Authenticate® adheres to stringent security and privacy regulations, including:

1. SOC 2 Type 2 and HIPAA Compliance: Protecting Sensitive User Information
  • SOC 2 Type 2 Compliance: SOC 2 (Service Organization Control 2) is a framework designed by the American Institute of Certified Public Accountants (AICPA) to ensure that service providers securely manage data to protect the interests of their clients and their clients' customers. SOC 2 Type 2 compliance specifically requires companies to demonstrate that they have implemented controls and processes effectively over a specified period, usually six months or more. These controls typically focus on security, availability, processing integrity, confidentiality, and privacy. By adhering to SOC 2 Type 2 standards, Authenticate® ensures that sensitive user information is adequately protected against unauthorized access and breaches.
  • HIPAA Compliance: HIPAA (Health Insurance Portability and Accountability Act) sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. HIPAA compliance is essential for healthcare providers, health plans, healthcare clearinghouses, and business associates of HIPAA-covered entities. Authenticate® ensures HIPAA compliance by implementing stringent security measures, encryption protocols, access controls, and regular audits to protect sensitive health information and maintain patient privacy.
2. PCI DSS Compliance: Safeguarding Credit Card Information
  • PCI DSS Compliance: The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. PCI DSS compliance is mandated by major credit card companies like Visa, MasterCard, American Express, Discover, and JCB to protect cardholder data from theft and fraud. Authenticate® adheres to PCI DSS compliance standards by implementing robust security measures such as encryption, access controls, network monitoring, and regular security testing to safeguard credit card information and maintain trust with customers.
3. GDPR, CCPA, FCRA, DPPA, and GLBA Compliance: Meeting Global and Regional Data Protection and Privacy Standards
  • GDPR Compliance: The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy concerning all individuals within the European Union and the European Economic Area. GDPR compliance requires companies to protect EU citizens' personal data and privacy for transactions occurring within EU member states. Authenticate® ensures GDPR compliance by implementing strict data protection measures, obtaining user consent, providing data transparency, and enabling user rights such as data access and erasure.
  • CCPA Compliance: The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California. CCPA compliance requires businesses to provide consumers with more control over their personal information, including the right to know what data is collected and how it's used, the right to opt out of the sale of their data, and the right to request the deletion of their data. Authenticate® complies with CCPA regulations by providing data collection and usage transparency, offering opt-out mechanisms, and enabling data deletion requests.
  • FCRA, DPPA, and GLBA Compliance: The Fair Credit Reporting Act (FCRA), Driver's Privacy Protection Act (DPPA), and Gramm-Leach-Bliley Act (GLBA) are U.S. federal laws that regulate the collection, use, and disclosure of consumer information by businesses. FCRA regulates the use of consumer credit information, DPPA protects the privacy of personal information maintained by state motor vehicle departments, and GLBA requires financial institutions to safeguard sensitive customer information. Authenticate® ensures compliance with FCRA, DPPA, and GLBA by implementing appropriate data protection measures, obtaining necessary consent, and adhering to strict data handling procedures.