Compliance and certificationsAlways secure, certainly compliant
Communication processes used by international companies are facing increasingly stringent compliance requirements. With Retarus’ Enterprise Cloud it’s easy for you to comply with internal policies and external regulations, consistently and company-wide.
Complete protection from the Cloud
With us, your data remains available, intact, and confidential – anywhere in the world. Retarus uses a security framework and a management system for information security (ISMS) verified to ISAE 3000 SOC2 Type II to ensure security. This allows us to support you in your compliance with your international standards and individual control sets, regardless of which Retarus Cloud Service you use.
Retarus Cloud Services: Internationally compliant.
✓ German Federal Data Protection Act
✓ EU Directive 95/46/EC
✓ ISAE 3402
We consider the data of our employees and business partners to be valuable property and protect it globally, while considering all locally applicable laws and regulations. We consistently comply with all relevant data privacy regulations and commit ourselves to handling confidential information with great care.
Retarus Code of Conduct
Signed and sealed
With Retarus Cloud Services you can be sure that you are in compliance with all relevant regulations. The internal control system ensures that your business-critical data and information receives the highest level of protection in accordance with ISAE 3402. Furthermore, Retarus is PCI DSS Level 2 verified, and supports industry standards such as HITRUST and TISAX and, as a European company, complies with the GDPR. In addition, our Security Framework includes best practices from the ISO 27000 series, as well as the IT basic protections of the German Federal Office for Information Security (BSI).
HIPAA, HITRUST and others
Particularly important for the United States of America health care system are the regulations put forth by HIPAA and HITECH Act, as well as industry standards such as HITRUST and HL7. They stipulate the highest level of sensitivity when handling confidential patient and health care data. The HITRUST Common Security Framework (CSF), in particular, is also being met with growing interest outside of the health care industry by other highly regulated industries.
ISAE 3402 / SSAE 18 / SOC 1
ISAE 3000 / SSAE 18 / SOC 2
|United States of America||HIPAA, HITRUST||
US-ASH and US-SEC:
|Singapore||Data Protection Act 2012 PDPA||
|Germany||Federal Data Protection Act (GDPR)||
|Switzerland||Federal Law on Data Protection (DPA)||
You can check the Retarus Security Framework at any time if you require special certifications for compliance. Your auditors will receive personal access to our data centers and information about the relevant processes.