SOC2 - Service Organization Controls (Soc2) (Type II) Trust Services Principles
SOC2 compliance ensures that Intercom has controls in place to process and manage customer’s data. Compliance shows the excellence of controls in the realms of security, availability, and confidentiality.
HIPAA - Health Insurance Portability and Accountability Act
HIPAA is a federal law that requires the creation of standards and controls to protect electronic protected health information (ePHI) from being disclosed.
ISO 27001 - ISO 27001:2013 Certification
ISO/IEC 27001 is an international standard for information security management systems (ISMS). Certification shows that an organisation has put in place a system to manage risks related to the security of data owned or handled by the company, and that this system respects all the best practices and principles within this International Standard.
ISO 27018 - ISO 27018:2019 Certification
ISO/IEC 27018 It is an add-on to ISO 27001 and is an international standard on privacy in cloud computing services.
Health Data Hosting
Intercom is HDS (Hébergeur de Données de Santé) certified. Intercom customers are required to comply with applicable data protection legislation and local regulations with regards to personal health information. Customers that work with or in the French healthcare industry must comply with the PGSSI-S (global information security policy for the healthcare sector) and are required to implement a health information system in compliance with the PGSSI-S.
CSA - Cloud Security Alliance
CSA is a not for profit organisation which put together best practices for a company to follow to help ensure a secure cloud computing environment.
Getting access to compliance documents.
Within your Intercom workspace we have a security settings page (Settings > Security > Compliance documents) that allows logged-in admins to download our compliance documents without having to request them.