Encyro's AICPA SOC2 Compliance
Encyro maintains and monitors compliance with trust service criteria established by the AICPA as part of the SOC2 standard for service organizations.
Encyro’s compliance has been reviewed and attested to by independent and qualified third party audit firm.
A letter of attestation is available by contacting support. The full SOC2 audit report is also available under an NDA.
Using Encyro can help your organization satisfy many of the important controls for your own SOC2 compliance.
Related articles
-
Configuring Compliance Settings
(If your Encyro account is part of an organization, see organizational compliance settings.) To enable or edit compliance settings, go to your account Sett...
-
How do I see my account Audit Trails (Activity Logs)?
My compliance standard requires me to review audit trails or activity logs. Where can I find my Encyro account activity logs? What will see in my audit tra...
-
Can I enable compliance if I login using my Google/Facebook account?
You will be required to create an Encyro account password to enable the following compliance settings: Require strong password for account login. Automatic...
-
What country does Encyro operate from?
Encyro Inc is based in the United States of America, and is subject to US laws and regulations. Your data in your Encyro account is stored in our data cen...
-
I only need to send (not receive) secure messages, do I need Pro?
I will be sending patient medical records or client files but not receiving anything from them. Do I need Encyro Pro? If you do not need Encyro Pro to crea...
-
SEC Regulations
The SEC Regulation Title 17: Chapter II, Part 248, Subpart A: §248.30 requires every broker, dealer, and investment company, and every investment adviser ...
-
Is Encyro HIPAA Compliant?
Can I use Encyro for HIPAA compliance? Can I store and send patient information using Encyro? Encyro complies with Health Insurance Portability and Account...
-
Access Audit Logs for Other Users
A user with data manager permissions (Can set compliance... permission) can access activity logs for any user within the organization. This may be used for...
-
PCI-DSS
PCI-DSS requires safeguarding credit card data that you receive. Email is not a secure way to ask a customer to provide their credit card information to se...
-
DFARS compliance
Can I use Encyro to store data subject to Defense Federal Acquisition Regulation Supplement (DFARS) compliance, or data security regulations subject to def...