Protecting customer data is our highest priority. Goodbay has comprehensive security and compliance programs in place. We have designed our network to maximize security and have the following certifications in place:
AICPA / SOC 2
Goodbay has achieved SOC 2 Type II certification. SOC is a proven system that’s designed to keep sensitive client data secure. Obtaining certification required demonstrating standard operating procedures for organizational oversight, vendor management, risk management, and regulatory oversight. Independent certified public accountants audited Goodbay to determine that we have the appropriate SOC safeguards and procedures in place.
Goodbay’s offshore partner is ISO certified. ISO/IEC 27001 establishes requirements for an information security management system (ISMS). There are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. Goodbay is fully compliant with all GDPR requirements.
The Health Insurance Portability and Accountability Act (HIPAA) has become the foundational data protection standard for U.S. healthcare. It was created to modernize the flow of healthcare information, stipulate how personally identifiable information should be protected, and address limits on health insurance coverage.