Compliance
SOC 2 Type 2
A SOC 2 Type 2 report is an internal controls report that captures how a company protects customer information and how well those controls are working. Stream maintains an annual SOC 2 Type II report.
ISO 27001
ISO/IEC 27001 is an international standard for managing information security. Stream is ISO 27001:2022 certified.
GDPR
The GDPR (General Data Protection Regulation) is an EU regulation that significantly enhances the protection of the personal data of EU citizens and increases the obligations of organisations that collect or process personal data. Stream is GDPR compliant.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law requiring national standards to protect ‘Protected Health Information’ (PHI) from being disclosed without the patient's consent or knowledge. Stream is HIPAA compliant.
CCPA
The California Consumer Privacy Act (CCPA) establishes and enhances consumer privacy rights for California residents and imposes rules on businesses that handle their personal information. Stream is CCPA compliant.
Resources
ISO 27001 Certificate
Stream currently complies and is certified for ISO 27001:2022. Our ISO 27001 Certificate is available for download.
ISO 27001 Report
Stream is audited annually for compliance with the ISO 27001 standard. The audit is performed by A-lign. Our latest ISO 27001 Report is available for download.
SOC 2 Type II Report
Stream is audited as part of SOC 2 compliance to attest to the excellence of our controls in the domain of security. The audit is performed by A-lign annually, with a yearly audit window. Our latest SOC 2 Type II Report is available for download.
Stream Subprocessors
Stream uses sub-processors in order to provide the Subscription Services to Customers. A list of Stream's sub-processors is available for download.
Security, Compliance & Privacy FAQ
Please download our FAQ document to see the answer to the most frequent Security, Compliance, and Privacy related questions.