Autocene Cloud Compliance Program
Organizations today are facing ever increasing pressures from regulations.
Autocene Cloud makes it easy to balance compliance and innovation with
our comprehensive security and compliance program.
Meets the most stringent global industry standards.
Undergoes multiple independent third-party security audits.
Validates that controls are protecting customer data.
Delivers advanced governance capabilities.
SOC 2
SOC 2 reports are intended to meet the needs of a broad range of users that need to understand internal controls at a service organization as it relates to applicable Trust Services Principles and Criteria which include security, availability, processing integrity, confidentiality and privacy trust principles.
Type II compliance reports on the fairness of presentation of management’s description of a service organizations system and the suitability of the design and operating effectiveness of controls over period of time, not just a point in time.
The SOC 2 Type II report provides a detailed review, by an independent audit firm, of Autocene’s security, availability, and confidentiality controls.
ISO/IEC 27001:2013
An international standard for information security and risk management, ISO/IEC 27001:2013 protects organizations in all industries and sectors across the globe.
The ISO 27001:2013 standard calls for organizations to implement an appropriate Information Security Management System (ISMS), which ensures management, operational, and technical security controls are operating effectively.
By becoming certified in ISO 27001:2013, Autocene demonstrates it has reached a high level of security maturity. With a goal of providing the most robust security possible, Autocene has put controls in place to manage or eliminate security risks, enabling customers to trust that their confidential data is protected.
HIPAA Compliant
The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of Protected Health Information (PHI).
Autocene Cloud is compliant with the HIPAA security requirements. With HIPAA compliance, customers can securely process and store protected health information (PHI) in Autocene Cloud after executing a Business Associate Agreement.
508 / VPAT
The Rehabilitation Act of 1973, Section 508, requires that Federal agencies’ electronic and information technology is accessible to people with disabilities.
The Voluntary Product Accessibility Template (VPAT) is a tool used to document a product’s conformance with the accessibility standards under Section 508 of the Rehabilitation Act.
Autocene has completed the VPAT and the Autocene Platform is compliant with Section 508.
ISO 27017:2015
The ISO 27017:2015 standard establishes additional control requirements specifically for cloud service providers including the management of cloud infrastructure.
By becoming certified in ISO 27017:2015, Autocene Cloud demonstrates it has reached a high level of security maturity. With a goal of providing the most robust security possible, Autocene has put the necessary controls in place to manage or eliminate security risks, enabling customers to trust that their data is protected. This ISO certification applies to all Autocene Cloud customers worldwide as it expands on our existing ISO 27001 certification framework.
ISO 27018:2019
The ISO 27018:2019 standard provides additional requirements for effective security and management of personally identifiable information (PII) within cloud environments.
By becoming certified in ISO 27018:2019, Autocene Cloud demonstrates it has reached a high level of security and PII protection maturity. Autocene has put the necessary controls in place to manage or eliminate security risks, enabling customers to trust that their personally identifiable information is protected. This ISO certification applies to all Autocene Cloud customers worldwide as it expands on our existing ISO 27001 certification framework.
