Compliance
Inpera is committed to meeting regulatory requirements.
Current Compliance
| Standard | Status |
|---|---|
| GDPR | โ Compliant |
| CCPA | โ Compliant |
| SOC 2 Type II | ๐ In Progress |
| ISO 27001 | ๐ Planned |
| HIPAA | โ Enterprise |
GDPR
We comply with GDPR requirements:
- Lawful basis: Consent and legitimate interest
- Data minimization: Collect only what's needed
- Right to access: Export your data anytime
- Right to erasure: Delete account and data
- Data portability: Export in standard formats
- Breach notification: Within 72 hours
CCPA
California Consumer Privacy Act compliance:
- Right to know what data is collected
- Right to delete personal information
- Right to opt-out of data sale (we don't sell data)
- Non-discrimination for exercising rights
SOC 2
SOC 2 Type II certification in progress:
- Trust principles: Security, Availability, Confidentiality
- Expected completion: Q2 2025
- Independent auditor: [Auditor Name]
HIPAA (Enterprise)
For healthcare organizations:
- Business Associate Agreement (BAA) available
- PHI handling procedures
- Additional encryption and access controls
- Dedicated compliance support
Data Processing Agreement
DPA available for enterprise customers:
- Standard contractual clauses
- Sub-processor list
- Data handling procedures
Request DPA: [email protected]
Compliance Documents
Available on request:
- Security questionnaire
- Penetration test summary
- Insurance certificates
- Architecture diagrams
Contact
For compliance inquiries:
- Email: [email protected]
- Response time: 48 hours