Certifications and Compliance

CloudFactory is dedicated to process excellence, workforce management, and data security. To that end, we pursue certifications and explore new initiatives that give you confidence in our ability to minimize risk, sustain long-term partnerships, and meet your security and compliance requirements.

ISO 9001:2015

Quality Management

The International Organization for Standardization (ISO) 9001:2015 certification demonstrates that CloudFactory has adopted the International Standard on Quality Management system and that our processes are well defined, managed, and resourced. This certification also illustrates our ability to consistently provide high-quality services, work ethically to comply with applicable regulatory requirements, and exercise great care in protecting your data.

ISO 9001 Quality Management Systems Certified

ISO 27001

Information Security

CloudFactory’s International Organization for Standardization (ISO) 27001 certification assures you that our Information Security Management System has been tested and audited in accordance with internationally accepted standards. The certification also means that we implemented a robust risk management process to regularly identify and manage data security risks, and that we satisfy client requirements for industry-standard certifications and high levels of security capabilities.

ISO-IEC 27001 Information Security Management Certified

SOC 2

Data Security

The Service Organizational Control (SOC) 2 report is considered the benchmark for trust in data security, conforming to the standards of the American Institute of Certified Public Accountants. In practice, CloudFactory’s SOC 2 accreditation means that we have the infrastructure, tools, and processes in place to protect your information from unauthorized access— both from within and outside of the company. Each year, an external, accredited firm audits CloudFactory to affirm our strong commitment to respecting and protecting your data.

SOC 2

HIPAA

Compliant Business Associate

To better serve healthcare providers and other covered entities, CloudFactory team members and data analysts have been trained to secure and safeguard protected health information (PHI). In 2022, a third-party assessed CloudFactory against the Health Insurance Portability and Accountability Act (HIPAA) Business Associate security rules, which led to an attestation of compliance. As a HIPAA Compliant Business Associate, CloudFactory has proven its ability to assist in the process of transmitting, storing, and analyzing PHI.

HIPAA Compliant Business Associate

GDPR

Personal Data Privacy

The General Data Protection Regulation (GDPR) gives individuals in the European Union greater control over how organizations process and control their personal data. CloudFactory is committed to adhering to GDPR as evidenced by our robust data security practices and compliant privacy policy.

GDPR