At Encord, security is a priority for all employees. Everyone working at Encord has to take part in an annual HIPAA training program and annual SOC 2 security training.
SOC 2 Compliance
Encord has successfully completed its Systems and Organizational Control (SOC)-2 Examination. In doing so Encord maintains its adherence to one of the most stringent, industry-accepted compliance frameworks for service organizations and provides additional assurance to its clients, through an independent auditor (Dansa D'Arata Soucia LLP), that its business process, information technology and risk management controls are properly designed.
Encord utilizes enterprise-grade best practices to protect our customers' sensitive health information and uses Drata to verify its security, privacy, and HIPAA compliance controls. Drata's HIPAA product provides an automated approach to ensuring that organizations can demonstrate compliance.
Continuous Security Control Monitoring
Encord uses Drata's automation platform to continuously monitor security controls across the organization. Automated alerts and evidence collection allow Encord to confidently prove its commitment to protecting your sensitive health information while fostering a security-first mindset and culture of compliance across the organization.
Encord utilises a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Any data passing through the Encord platform is encrypted both in-transit using TLS and at rest.
If you believe you've discovered a bug in Encord's security, please get in touch at firstname.lastname@example.org. Our security team promptly investigates all reported issues.