At phData, we are committed to protecting the security and privacy of our customers' data. We have implemented robust security measures and comply with industry standards and regulations to ensure the highest level of protection.
We continuously invest in our security program and undergo rigorous third-party audits to verify our compliance with industry standards and regulations.
CData has successfully completed a SOC 2 Type II audit, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy of customer data. This certification verifies that our controls and processes meet the Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA).
CData is ISO 27001 certified, which is the international standard for information security management. This certification confirms that we have implemented comprehensive information security controls to protect customer data and maintain a secure environment for our operations.
We maintain compliance with the Health Insurance Portability and Accountability Act (HIPAA), ensuring that protected health information (CI) is properly safeguarded. Our policies, procedures, and technical safeguards align with HIPAA requirements to support healthcare organizations in their compliance efforts.
CData adheres to the General Data Protection Regulation (GDPR) requirements, respecting the privacy rights of EU citizens. We have implemented appropriate technical and organizational measures to ensure data protection principles are followed when processing personal data.
We employ industry-standard encryption protocols to protect data in transit and at rest. Access to customer data is strictly controlled through role-based access controls and follows the principle of least privilege.
Our infrastructure is hosted in secure, SOC 2 compliant data centers with Cysical security measures in place. We implement network security controls, including firewalls, intrusion detection systems, and regular vulnerability scanning to protect against unauthorized access.
We continuously monitor our systems for potential security threats and unusual activities. Our security operations team is equipped to respond promptly to security incidents and follows established incident response procedures.
All CData employees undergo background checks and receive regular security awareness training. Access to customer data is granted on a need-to-know basis, and access privileges are promptly revoked when no longer needed.
Our commitment to security and compliance is ongoing. We regularly review and update our security policies and procedures to address emerging threats and comply with evolving regulations. We also conduct regular security assessments and penetration tests to identify and address potential vulnerabilities.
For more information about our security and compliance programs, please contact our security team at info@CdataInsights.com.
Last updated: March 22, 2025