Ksana Health Achieves SOC 2 Type 2 Compliance for HIPAA and GDPR

Ksana Health completed its first third-party assessment for security and privacy controls, receiving unqualified approval attesting to the strength of our controls and compliance with best practices and statutory requirements, including:

  • AICPA, Trust Services Criteria
  • HIPAA Security Rule
  • HIPAA Privacy Rule
  • GDPR Controls Mapping


What is SOC 2 Type 2?

A SOC 2 Type 2 report is an internal controls report capturing how a company safeguards data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third-party technology services. Independent third-party auditors issue these reports covering the Trust Services Criteria, including Security, Availability, Processing Integrity, Confidentiality, and Privacy.

AICPA Trust Services Criteria

The SOC 2 examination was conducted according to attestation standards developed and managed by the American Institute of Certified Public Accountants (AICPA), and provides detailed information related to, and assurance of, an entity’s controls surrounding the security, availability, and processing integrity of the systems used to process users’ data and the confidentiality of the data processed by these systems.

HIPAA Security & Privacy Rules

The controls embodied in the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and Privacy Rule, as defined in United States federal regulations 45 C.F.R. § 160 to 164, were evaluated and deemed compliant with the statute. Ksana Health is ready to act as a trusted Business Associate as we work together to improve health equity and mental health outcomes.

GDPR Controls Mapping

Ksana Health’s privacy controls were mapped to the European Union’s General Data Protection Regulation and were approved as meeting this standard.


Our Commitment to Security and Privacy

As part of our ongoing commitment to providing a best-in-class cloud network service, we take security and privacy seriously. Ksana Health was able to implement the required SOC 2 guidelines in an extremely short time frame due to the company’s advanced IT infrastructure and the modern architecture used in our EARS and Vira platforms.

“Ksana Health is proud to meet the highest standards with our approach to security and privacy, which is critical so that we can be a trusted partner for our customers,” said Dr. Nick Allen, CEO & Co-Founder of Ksana Health. “Our clients need comprehensive assurances including confidence in the security, availability, processing integrity, confidentiality, and privacy of their data and the way they are stored and managed.”

Ksana Health customers, prospects, and partners may receive a copy of the SOC 2 report upon request. For more information on Ksana Health and the Vira and EARS products, please visit www.ksanahealth.com/privacy-policy/ or email privacy@ksanahealth.com.

Nick Allen

2 September 2022
