Compliance

  • SOC 2 Type 2 Report - Upon request, we provide clients our annual SOC 2 Type 2 Report prepared by an external auditor in accordance with the guidelines established by AICPA.
  • SOX - If you are required to comply with the Sarbanes-Oxley Act, our risk and compliance manager will help you prepare for your SOC 1 or SOC 2 audit with any information your auditor may require about our controls, system, or processes.
  • HIPAA - CLARIFIRE® can be used to process protected health information (PHI), qualifying us as a business associate under HHS rules. So we designed our security and trust services controls to conform fully to HIPAA. Our annual HIPAA Risk Assessment is available upon request.
  • CCPA & CPRA - Clarifire qualifies as a “service provider” under California law and complies with their privacy legislation. Our risk and compliance manager can provide evidence to support your CCPA and CPRA compliance requirements.
  • GDPR - If you collect data from European residents, you are required to comply with the General Data Protection Regulation (GDPR). Our security and trust services controls are mapped to GDPR requirements to help you demonstrate compliance.
  • New Privacy Legislation - Clarifire continually monitors the legal environment for new privacy legislation. Our compliance program is proactive, not reactive.
SOC