SendBird adds SOC2 Type 2 Report to HIPAA, ISO27001, and GDPR in less than a year
February 1, 2019
SendBird is elated to announce that it has received a SOC2 Type 2 report for successfully completing the SOC2 examination, demonstrating to its customers that it upholds the highest standards for the five trust service criteria: security, privacy, availability, confidentiality, processing integrity of our client’s chat and messaging data.
Ensuring that security and privacy of our clients’ data is a key objective for SendBird.
In less than a year, we’ve complied with GDPR, achieved ISO27001 and HIPAA compliance, and, now, we’ve added the SOC2 Type 2 report to the list of assurances that your data is protected. You can read our press release here.
SOC2, governed by the American Institute of Certified Public Accountants, is a report that gives detailed information and assurances to business partners and users about a service according to the standardized trust service criteria. There are two reports: Type 1 and Type 2. Type 1 gives assurances that the design of a processing system meets requirements, whereas Type 2 details the effectiveness of that design’s operation. Since SendBird received the Type 2 report, customers can be confident that our day-to-day operations effectively protect their chat and messaging data.
The SOC2 examination is administered by an independent auditor to confirm SendBird’s compliance with the 5 trust service criteria:
Security - SendBird protects its system from unauthorized access.
Availability - SendBird delivers the performance needed by its clients in accordance with our SLA and ensures performance, availability, and failover protection.
Confidentiality - SendBird severely limits access to client data to only necessary parties and ensures that data is not accessible in transit (i.e. it is encrypted).
Processing integrity - SendBird processes data in an accurate, timely, and authorized manner.
SOC is also the standard framework for measuring the control of financial information, so it sets a high standard on the control of any sensitive personal information. This is good news for current and potential customers in financial services, healthcare, insurance, human resources, or any business that deals with personal information.
Customers may request a copy of the SOC2 Type 2 report for the verified details of our systems and protections under a non-disclosure agreement and at SendBird’s discretion.