Carbonite Certifications
- This article is for Windows and Mac
Summary:
Below is a list of certificates and/or compliance with various financial and privacy-related protocols and standards.
Solution:
Standards/Regulations | Applicable Information | |
SOC 2, Type 2 |
Service Organization Controls. The teams supporting Carbonite’s service offering are annually audited by a third party firm to ensure the security, confidentiality and availability of the product and your data. If you require a copy of our Soc 2 Audit form, please contact Carbonite Customer Care. |
|
HIPAA |
Health Insurance Portability and Accountability Act of 1996 (HIPAA) is United States legislation that provides data privacy and security provisions for safeguarding medical information. Carbonite operates internal controls to support HIPAA and requires healthcare customers to execute a Business Associates Agreement (BAA). To execute our BAA, please contact Carb-CSA@opentext.com.
|
|
GLBA |
Carbonite is happy to assist customers who may need to comply with the information security guidelines under GLBA. Please note that we can only assist with applicable requirements based on our role as a service provider:
As customers are responsible for their own compliance, we encourage customers to confer with their own legal counsel to ensure they are meeting all necessary business requirements. |
|
FINRA | Carbonite is committed to ensuring the confidentiality, security, and privacy of all our customers' data. Carbonite has a robust cybersecurity framework that operates under audited controls related to SOC 2, HIPAA, GDPR, SOX, and 201 CMR 17.00. Although we do not have a program around FINRA requirements, we are happy to work with financial customers who are looking to protect their data.
As customers are responsible for maintaining their own compliance, we encourage customers to confer with their own legal counsel to ensure they are meeting all necessary business requirements. Please contact Carbonite Customer Care for more informaton. |
|
FERPA |
Carbonite assists your compliance with FERPA’s data privacy requirements by encrypting all user data using 128 or 256-bit encryption and transmitting all user data to one of our state-of-the-art data centers or AWS/Google using Transport Layer Security (TLS) technology. Other security controls are encompassed in the SOC 2 assessment. |
|
Mass Data Security Regulation 201 CMR 17.00 |
Carbonite policies and practices are designed to comply with the Massachusetts Data Security Regulation. |
|
All other compliance inquiries |
Please contact Carbonite Customer Care. |