Privacy Commitments & Policy
Data handling ethics
We’re always mindful that there are real people behind each row of data and that each of them would want us to treat their data with the same level of care as we would with our own data. We also recognize that our work and the decisions we drive can have real impact on these individuals. For these reasons, we pledge to always review our models, predictions, and reports to identify unintended biases and results.Learn More
Technical Security Measures
Civis deploys robust technical, physical, and administrative security measures to protect your most sensitive data assets. These include network, application, and database-level risk and compliance tools that protect your most sensitive data assets. We offer many leading-edge security services such as single sign-on (SSO), two-factor authentication, multiple layers of encryption, and data isolation. More importantly, we constantly test and evaluate our systems and never stop seeking to improve our security measures.
Civis is proud to be HIPAA-compliant, ensuring the proper physical, technical, and administrative security and privacy safeguards are in place to serve as a Business Associate for Covered Entities who trust us with their protected health information (PHI). This allows healthcare organizations to leverage our science and technology to improve their patient engagement and outreach.Learn More
With the onset of EU’s General Data Protection Regulation (GDPR), we’ve taken extra steps and implemented internal policies and procedures that comply with GDPR’s requirements. We’re also certified to the EU-US Privacy Shield.
Soc 2 Type II
We’re so proud to say that ours is one of the few cloud-based data science platforms that is both SOC 2 Type II-certified and HIPAA-compliant -- two of the most stringent data protection standards available. To learn more, read our SOC 3 report report (an executive summary of our SOC 2 report).Learn more