Security and Compliance
Hashboard is SOC2 Type II certified, with no noted exceptions in our most recent audit report.
Developed by the AICPA, SOC 2 Type II is an extensive auditing procedure that ensures a company is handling customer data securely and in a manner that protects the organization as well as the privacy of its customers. SOC 2 is designed for service providers storing customer data in the cloud.
With many members on our founding team coming from Flatiron Health, Hashboard has been built with extra consideration for healthcare organizations. We support Health Insurance Portability and Accountability Act (HIPAA) compliance and also sign Business Associate Agreements (BAAs). There is no extra charge in Hashboard for HIPAA compliance or BAAs.
Hashboard operates by issuing queries to user's existing data warehouses. We do not ingest and store the full underlying data of the tables.
To enable fast interactive data explorations, Hashboard caches aggregated query results within our infrastructure and in local browser sessions. Users can customize Hashboard’s cache usage (opens in a new tab) to meet specific performance or data freshness requirements.
Have additional questions?- If more information is needed around our security procedures and/or you would like to request a review of our SOC2 report, please reach out to firstname.lastname@example.org and we’d be happy to provide the necessary documentation.
Hashboard has a robust and flexible role-based access control system which can be used to enforce data segmentation as well as row-level and column-level data permissions. For more details, see Permissions Overview.