Compliance
SOC 2 Compliance
Firework has completed the Service Organization Control (SOC) 2 Type 2 Audit certification established by the American Institute of Certified Public Accountants. The certification affirms that Firework meets the highest standards of information security, availability, confidentiality, and privacy.
SOC 2 Type 2 Certification is an elective security and privacy standard established by the American Institute of Certified Public Accountants (AICPA). Viewed by many as the gold standard for information security compliance, SOC 2 provides valuable information that existing and potential customers need to assess and address the risks associated with an outsourced service.
The following principles and related criteria have been developed by the AICPA for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act.
SOC 2 Compliance
Firework has completed the Service Organization Control (SOC) 2 Type 2 Audit certification established by the American Institute of Certified Public Accountants. The certification affirms that Firework meets the highest standards of information security, availability, confidentiality, and privacy.
SOC 2 Type 2 Certification is an elective security and privacy standard established by the American Institute of Certified Public Accountants (AICPA). Viewed by many as the gold standard for information security compliance, SOC 2 provides valuable information that existing and potential customers need to assess and address the risks associated with an outsourced service.
The following principles and related criteria have been developed by the AICPA for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act.