Gradient is Now SOC 2 Compliant
Aug 28, 2023
What is SOC 2 compliance?
SOC 2 is a process a company undergoes to assure its customers that their data is managed securely, protecting both their interests and the privacy of their users. SOC 2 defines five trust service principles for managing customer data: security, availability, processing integrity, confidentiality, and privacy.
External auditors like Johanson Group determine whether a vendor complies with one or more of the five trust principles based on the systems and processes in place, and issue a certificate of compliance. In addition to Johanson Group, we leveraged Secureframe to automate our SOC 2 certification process.
Why is SOC 2 certification important for a company like Gradient?
Many of our customers operate in highly regulated industries like healthcare and financial services, and trust us to keep their form data secure. This certification recognizes that our security and privacy policies are compliant with the standards established by the American Institute of Certified Public Accountants (AICPA). Through the SOC 2 audit, our controls and processes were validated by a third party that attests to the functioning of the controls relevant to our application.
A SOC 2 certification assures our customers that Gradient maintains a high level of information security. It gives our customers even greater peace of mind.
What other security standards does Gradient adhere to?
Gradient is also HIPAA compliant. This means that we follow a set of regulatory guidelines that outline how Protected Health Information (PHI) can be used and disclosed in a lawful manner.
Want to learn more?
If you’d like a copy of Gradient’s SOC 2 Type I report, contact our team at firstname.lastname@example.org.