To ensure your data is handled in the most secure standards, Springbuk holds the HITRUST Risk-based, 2-year Certification, the highest standard of information protection certifications.
In addition, Springbuk has achieved third-party validated SOC 2 Type 2 compliance for the seventh year in a row. These prestigious statuses represent efforts met with industry-defined requirements in keeping your data safe and managing risk appropriately.
The HITRUST CSF provides the structure, transparency, guidance, and cross-references to authoritative sources organizations globally need to be certain of their data protection compliance. The initial development of the HITRUST CSF leveraged nationally and internationally accepted security and privacy-related regulations, standards, and frameworks–including ISO, NIST, PCI, HIPAA, and GDPR–to ensure a comprehensive set of security and privacy controls and continually incorporates additional authoritative sources. The HITRUST CSF standardizes these requirements, providing clarity and consistency and reducing the burden of compliance.
The commitment and expertise demonstrated by HITRUST ensure that organizations leveraging the framework are prepared when new security and privacy regulations and risks are introduced.
By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.READ THE PRESS RELEASE
The Service Organization Control (SOC) 2 Type II examination demonstrates that an independent accounting and auditing firm has reviewed and examined an organization’s control objectives and activities, and tested those controls to ensure that they are operating effectively.
Springbuk's third-party validation was provided by Crowe LLP, a public accounting, consulting, and technology firm that utilizes its deep industry expertise to provide audit services to public and private entities. This validation provides reasonable assurance in Springbuk’s handling of sensitive information.