The Service Organization Control (SOC) 2 examination is based on compliance with the American Institute of Certified Public Accountants (AICPA) Trust Service Criteria relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
This certification is completed by an independent auditor and evaluates the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.
The General Data Protection Regulation (GDPR) is a privacy and security law drafted and passed by the European Union (EU). GDPR imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.
With the GDPR, Europe is signaling its firm stance on data privacy and security at a time when more people are entrusting their personal data to cloud services and breaches are a daily occurrence.
The Privacy Shield program is administered by the U.S. International Trade Administration (ITA). The Privacy Shield Principles lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU and Switzerland. By joining the Privacy Shield, participants make a commitment to comply with these Principles that is enforceable under U.S. law.