Security and Certifications
Data security is our top priority.
Kaseware is SOC 2 Type 1 and SOC 2 Type 2 compliant. SOC 2 is an accreditation from the American Institute of Certified Public Accountants — an independent third-party examination. This audit demonstrates our compliance in all five trust service principles: security, confidentiality, processing integrity, availability, and privacy. In other words, their evaluation can play an important role in:
- Oversight of the organization.
- Vendor management programs.
- Internal corporate governance and risk management processes.
- Regulatory oversight.
Kaseware adheres to all state CJIS policies in the states that it supports. CJIS stands for the Criminal Justice Information Service Division. CJIS provides criminal justice information (CJI) to local, and federal law enforcement and criminal justice agencies access. Specifically, CJI includes fingerprint records and criminal histories. The policies set forth by CJIS apply to all agencies and private contractors who process CJI. They must sign the CJIS Security Addendum, a uniform agreement approved by the US Attorney General to ensure security and confidentiality. At the same time, the agreement limits CJI use to the purposes for which it was provided.
OUR SERVICE PROVIDERS
Kaseware proudly holds our service providers to our same extremely high standards. For example, our data centers and other key suppliers undergo regular audits to validate their practices. We review these reports carefully and proactively address any areas of concern.