Compliance & Security

Enterprise-grade security and regulatory compliance for your peace of mind

HIPAA Compliant

Healthcare data protection

GDPR Ready

EU data protection

SOC 2 Type II

Security controls

ISO 27001

Information security

HIPAA Compliance

Healthcare Data Protection

Our Voice AI Agent and other services are designed to be HIPAA compliant when handling protected health information (PHI). We implement comprehensive safeguards to ensure healthcare data remains secure and private.

Business Associate Agreements (BAAs)
Encryption of PHI in transit and at rest
Access controls and audit logging
Employee training on HIPAA requirements
Regular security risk assessments

Technical Safeguards

  • Multi-factor authentication
  • Role-based access control
  • Automatic session timeout
  • Data loss prevention
  • Intrusion detection systems
  • Regular vulnerability scanning

GDPR Compliance

EU Data Protection

We comply with the General Data Protection Regulation (GDPR) for all EU customers. Your data rights are protected regardless of your location.

Right to access your data
Right to rectification
Right to erasure ('right to be forgotten')
Right to data portability
Right to object to processing
Data protection impact assessments

Data Processing Principles

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality

SOC 2 Type II Compliance

Security Controls

Our SOC 2 Type II report validates our commitment to security, availability, processing integrity, confidentiality, and privacy of customer data.

Annual independent audits
Security incident response procedures
Change management controls
Risk assessment processes
Vendor management programs
Business continuity planning

Trust Services Criteria

  • Security: Protection against unauthorized access
  • Availability: System accessibility for operations
  • Processing Integrity: Complete, accurate, timely processing
  • Confidentiality: Information restricted to authorized parties
  • Privacy: Personal information collection and use

Additional Compliance Standards

ISO 27001

International standard for information security management

  • ISMS framework
  • Risk management
  • Continuous improvement

CCPA/CPRA

California Consumer Privacy Act compliance

  • Consumer rights
  • Data transparency
  • Opt-out mechanisms

PCI DSS

Payment Card Industry Data Security Standard

  • Card data protection
  • Secure transmission
  • Access controls

Our Security Commitment

24/7 Monitoring

Continuous security monitoring and threat detection

Regular Audits

Quarterly security assessments and penetration testing

Employee Training

Ongoing security awareness and compliance training

Incident Response

Rapid response team for security incidents

Compliance Inquiries

For questions about our compliance programs or to request documentation, please contact our compliance team.

Email: compliance@shakan.ai

Phone: +1 (555) 123-4567