How Guard1 Adheres to Standards for Data Security
Protecting customer data is a primary focus of the Guard1 system. Our comprehensive approach to data protection includes multiple security layers, addressing different aspects of data security.
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) defines Personal Health Information (PHI) as information created, used or disclosed in the course of providing a health care diagnosis or treatment.
Although Guard1 normally does not store this type of information, it is compliant with all HIPAA regulations, and a Business Associate agreement can be a part of your Guard1 Real Time system project.
CJIS
US DOJ Document CJISD-ITS-DOC-08140-5.9.1, “Criminal Justice Information Services Security Policy” (10/1/22) defines “Criminal Justice Information” (CJI) and outlines federal policy for access to CJIS information.
Types of CJI include biometric data, criminal history, biographic data, property data, and case/incident history data.
Guard1 Real Time does not store CJIS data. However, if your organization requires a CJIS agreement, this can be made a part of your Guard1 Real Time project.
SOC 2 Type II
Our company’s commitment to security is underscored by our participation in standards-based compliance. One part of that commitment is our annual SOC 2 audit.
The criteria for a SOC 2 attestation for Guard1 are:
Security: The system is protected against unauthorized access (both physical and logical).
Availability: The system is available for operation and use as committed or agreed.
Processing Integrity: System processing is complete, valid, accurate, timely, and authorized.
Confidentiality: Information designated as confidential is protected as committed or agreed.
Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.
The result of the SOC 2 process is a report, which we can share with existing or prospective customers.