Contact Us for Security Questionnaires and Assessment Reports at support@authenticate.com
AuthenticateĀ® rigorously adheres to several critical security and privacy regulations to ensure the protection of sensitive user information across various domains:
1. SOC 2 Type 2 and HIPAA Compliance: Ensuring Protection of Sensitive Data
- SOC 2 Type 2 Compliance: As a framework by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type 2 demands that service providers manage data securely over time, focusing on security, availability, processing integrity, confidentiality, and privacy. AuthenticateĀ® meets these standards, safeguarding user data from unauthorized access.
- HIPAA Compliance: This act mandates that any entity handling protected health information (PHI) must implement comprehensive physical, network, and procedural security measures. AuthenticateĀ® meets these requirements through rigorous security protocols and regular audits.
2. PCI DSS Compliance: Securing Credit Card Information
- PCI DSS Compliance: Governed by major credit card companies, this set of standards ensures that all entities that process, store, or transmit credit card information uphold a secure environment. AuthenticateĀ® adheres to these standards through strong security practices like encryption and regular security assessments.
3. Global and Regional Data Protection and Privacy Compliance: GDPR, CCPA, FCRA, DPPA, and GLBA
- GDPR Compliance: This regulation requires protections for personal data within the EU. AuthenticateĀ® complies by enforcing strict data handling procedures and ensuring data subject rights.
- CCPA Compliance: Enhancing privacy for California residents, the CCPA gives consumers rights over their personal data. AuthenticateĀ® aligns with these rights through transparent data practices and responsive consumer controls.
- FCRA, DPPA, and GLBA Compliance: These U.S. laws regulate consumer information use and disclosure. AuthenticateĀ® adheres to these standards by maintaining appropriate data safeguards and consent protocols.