Security

Compliance

SOC2 - Service Organization Controls (Soc2) (Type II) Trust Services Principles

SOC2 compliance ensures that Conduit has controls in place to process and manage customer’s data. Compliance shows the excellence of controls in the realms of security, availability, and confidentiality.

HIPAA - Health Insurance Portability and Accountability Act

HIPAA is a federal law that requires the creation of standards and controls to protect electronic protected health information (ePHI) from being disclosed.

ISO 27001 - ISO 27001:2013 Certification

ISO/IEC 27001 is an international standard for information security management systems (ISMS). Certification shows that an organization has put in place a system to manage risks related to the security of data owned or handled by the company, and that this system respects all the best practices and principles within this International Standard.

ISO 27018 - ISO 27018:2019 Certification

ISO/IEC 27018 It is an add-on to ISO 27001 and is an international standard on privacy in cloud computing services.

Health Data Hosting

Conduit is HDS (Hébergeur de Données de Santé) certified. Conduit customers are required to comply with applicable data protection legislation and local regulations with regards to personal health information. Customers that work with or in the French healthcare industry must comply with the PGSSI-S (global information security policy for the healthcare sector) and are required to implement a health information system in compliance with the PGSSI-S.

CSA - Cloud Security Alliance

CSA is a not-for-profit organization that put together best practices for a company to follow to help ensure a secure cloud computing environment.

Last updated