Security and Compliance
At InRule Technology, security is a top priority.
This focus fuels our adherence to recognized best practices to ensure our products and processes are designed to protect our customers’ information and retain their confidence, and that our people observe industry-leading InfoSec practices to ensure security throughout our development and delivery lifecycle.
Standards Compliance
InRule is SOC2 Type II compliant
SOC 2 Type II
Examination Period: November 1, 2022 – October 31, 2023
Platforms
InRule Decisioning
InRule Machine Learning
Our completion of this exam and report means that our customers, even those working in the most highly regulated industries, can be assured of our robust security procedures. An essential demonstration of our commitment to security, SOC 2 Type II compliance means we protect our customers’ highly sensitive data and information, using rigorous standards, vetted by independent auditors.
Mapping to DFARS (Using Applicable NIST 800-171 Security Revision 2 Requirements)”. For customers interested in understanding how SOC 2 controls map to NIST, our report also includes a table with relevant mappings.
Mapping to HITRUST. HITRUST CSF provides the structure, transparency, guidance and cross-references to authoritative sources organizations need to be certain of their data protection compliance. This report includes a mapping of HITRUST CSF to SOC 2 controls included in the report.
HIPAA
Platforms
InRule Decisioning
InRule Machine Learning
Examination Period: November 1, 2022 – October 31, 2023
Independent auditors have examined suitability of the design and operating effectiveness of controls to meet the applicable requirements of 45 C.F.R. Sections 164.308 (Administrative Safeguards), 164.310 (Physical Safeguards), and 164.312 (Technical Safeguards) set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act (HIPAA) (HIPAA Security Rule requirements).
Our completion of this audit and resultant report confirm our compliance with the rigorous standards pertaining to the security of personal health information (PHI and e-PHI) set forth in HIPAA.
Enterprises who are subject to HIPAA and wish to use the InRule Decision Platform or InRule Machine Learning to process PHI should contact our team to learn more.
ISO 27001
Platforms
InRule Decisioning
InRule Machine Learning
InRule Process Automation (formerly known as Barium Live)
InRule Decisioning, InRule Machine Learning, and InRule Process Automation (formerly known as Barium Live) have been independently certified to comply with ISO 27001. For more information on this certification, please contact our security team at [email protected]
Security Updates and News
- December 2021: Apache Log4J utility exploit statement
For more information, please contact our sales team or email [email protected] to engage with our SecOps team.