Announcement: Hasura Cloud Achieves SOC2 Type 1 and HIPAA Compliance Certifications

Hasura Cloud has reached a new milestone by achieving SOC2 Type 1 and HIPAA compliance certifications by an independent auditor.

With our Standard plan, you can now be confident in Hasura Cloud’s ability to securely store and transmit your data, and pass the requirements of your organization’s IT department.

Hasura Cloud provides several additional capabilities on top of our open-source version:

• Managed Service: Hasura Cloud takes care of all the infrastructure, providing high-availability and auto-scaling, so you don’t have to set up and maintain servers and infrastructure.  Signing up and creating a project literally takes one minute!
• Additional Features: Caching, analytics, and application performance monitoring (APM) integration with services like Datadog are available to increase performance and monitor your workload.

Hasura Cloud is secure, highly available, and will maintain the confidentiality of your data.  Below are some additional details that illustrate why it’s time to consider it for your application architecture whether you’re in healthcare, financial services, manufacturing, or retail.

To achieve our SOC2 Type 1 certification, we implemented an exhaustive list of security controls including technical safeguards like penetration testing by an independent security firm, vulnerability scans and encryption, and process measures such as security training and disaster recovery planning.  

Hasura Cloud delivers security, high availability, and confidentiality - you can be confident you can make it part of your mission-critical infrastructure and pass the requirements of your organization’s IT department.  

The audit report is available on request, under an NDA. As a further demonstration of our commitment to ensuring security for all our users, Hasura Cloud will also be undergoing a SOC2 Type 2 audit in Q2 2021.

Hasura Cloud’s HIPAA compliance has been audited by an independent third party, and includes controls  just as stringent as that of healthcare organizations to protect the privacy, security, and integrity of protected health information (PHI).  Examples of PHI include names, addresses, phone numbers, Social Security numbers, medical records, and financial information.

This means that you can safely consider Hasura Cloud for healthcare initiatives like processing electronic health records and medical billing to drive efficiencies and create better patient health outcomes and user experiences.  

As part of Hasura Cloud’s Enterprise plan, we can also sign Business Associate Agreements (BAA) with our customers as needed.

If you haven’t tried Hasura Cloud, I encourage you to give it a try and see how quickly you can create a GraphQL API from an existing database.  Check out our Getting Started guide, as well as our online tutorials!