HIPAA Compliance Support
Stormpath enables covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act (HIPAA) to leverage the Stormpath secure authentication and user management service to process, maintain, and store protected health information. Stormpath is able to sign business associate agreements (BAAs) with such customers.
SOC 2 Compliance
Stormpath has achieved SOC 2 certification based upon the results of a rigorous and detailed examination by independent third-party auditors. The auditors evaluated the suitability of the design of controls related to the security principle set forth by the AICPA, and found that Stormpath’s controls met the standard for SOC 2 certification in all material respects. To request a copy of Stormpath’s SOC 2 report, please email [email protected].
EU-US Privacy Shield Compliance
Stormpath complies with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Stormpath has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Privacy Shield program, and to view our certification page, please visit www.commerce.gov/privacyshield.
1825 S Grant Street, Ste 450
San Mateo, CA 94402
Attn: Compliance Dept.