Data Security & Compliance

SOC 2 TYPE 1

SOC 2 Type 1 Report covering Security, Availability & Privacy.

SOC 2 TYPE 2 + HITRUST

SOC 2 Type 2 Report that includes controls relevant to HITRUST

SOC 2 TYPE 2

SOC 2 Type 2 Report covering Security, Availability & Privacy.

ISO 9001:2015

Globally recognized security standards for implementing an ISMS.

CCPA

California Data Protection Standards.

GDPR

EU Data Protection Standards.

ISO 27001:2022

Globally recognized security standards for implementing an ISMS.

HIPAA

Globally recognized security standards for  Healthcare Protected Information.

Data Security Infrastructure at Equa

1. Equa operates on servers which meet the threshold laid down in relevant international standards. These include ISO 27001, ISO 9001, ISO 27017, ISO 27018, C5, Cyber Essentials Plus, DoD SRG, FedRAMP, FIPS, PCI DSS Level 1, SEC Rule 17-a-4(f), SOC1, SOC2 and SOC3.

2. Entry and access to infrastructure are securely managed via VPN. Entry to important third party software providers/technology interface used by Virtual Dispute  Resolution Centre including third parties is limited to VP-level employees only and is secured by 3 factor authentication.

3. Safeguarding data is one of the most critical challenges plaguing server administrators. Equa follows strict procedural guidelines which enable us to make our system more stable, fix issues such as setting up a firewall, creating and managing transport layer security SSL certificates, providing secure SFTP user access, and blocking malicious probes, among others.

4.   Data is stored and aggregated on Amazon Web Services by default in the Mumbai Region and is constantly backed up. Registered workers, employees and agents must pass three factor authentication at least thrice before accessing data centre floors. 

Document Security Compliances

Monitoring & Audit

Grievances regarding Data Violations

The grievance relating to the Data Violations can be directly addressed to the Data Compliance Officer. The Equa Team shall take immediate action upon such information.

The Data Compliance Officer,

grievance@equa.law

www.equa.law