It seems like every week there’s another major data breach in the news. Be it Facebook, Equifax, or even companies in the cannabis industry, data security and privacy have become hot button issues. Here at Complia, security has been a top priority for our company since day one. We are grateful to have a team of developers that brings a host of best practices to the table to ensure that Complia is stable and secure. In today’s blog post, we’re going to deviate from our usual cannabis-centric content to tell you about a few things we’ve done to keep Complia secure.
First, we are very happy to report that we just completed our first SOC-2 audit. SOC stands for Service Organization Control and the audit covers five major pillars: security, availability, processing integrity, confidentiality, and privacy. In the same way that marijuana businesses are subject to inspections and audits, technology companies can also choose to be audited to demonstrate compliance with technology security standards. Complia retained the services of a technology-centric CPA firm to perform the audit, and we passed with flying colors. It was a rigorous and intensive process, and we are proud of the audits results.
Additionally, Complia has also undergone extensive review and training related to HIPAA standards. We take patient confidentiality very seriously, and want to ensure that our system meets the robust standards required to capture and maintain Protected Health Information. Adhering to HIPAA standards is no easy task but is well worth the investment.
Moreover, Complia is also an official Partner of Amazon Web Services (AWS). Complia is hosted in AWS infrastructure which is undoubtedly the most secure and reliable hosting platform available today. In order to obtain Partner status, Complia’s technology architecture was reviewed by the team at Amazon to ensure our platform is secure and reliable.
These are just a few of the many things we’ve done to keep Complia stable and secure. There is no room for cutting corners, and our team will continue to invest in keeping our clients’ data secure. We encourage all of our readers to check with their technology providers (including POS, ERP, CRM, etc.) to better understand what they’re doing to protect your data. You can never be too safe!
Yours in Compliance,