Security, privacy, and compliance

Protect your people and your data at every step

security-compliance-popular-feature-graphic

Dig deeper: Not all software security is the same

Simpplr protects your data with enterprise-grade security verified by independent auditors. At Simpplr, information security is one of our first requirements.

CERTIFICATIONS

Compliance certifications and memberships

SOC2-Type2

SOC 2 Type 2

ISO 27001

PrivacyShield

Reduce risk with a unified platform

It’s easier to defend a smaller threat surface because fewer apps mean fewer points of attack. Intranet, newsletters, surveys, mobile apps, and emergency communications are all under the same roof.

Ensure audited enterprise-grade security

If applications have security gaps, their underlying data center certifications don’t matter. Simpplr is one of the few vendors in this space to maintain ISO 27001 and SOC 2 certifications for our own operations as well as to require them of our subprocessors.

Count on guaranteed 99.99% availability

Simpplr has built out a high-availability architecture and pays a premium for hosting infrastructure so we can contractually guarantee 99.99% availability.

Enterprise-level encryption

Rely on Simpplr to deliver encrypted data in transit and at rest using TLS 1.2 and AES 256.

Role-based access control (RBAC)

Control who sees what content and who can create content using audiences integrated from your HR or identity system.

Single sign-on (SSO)

Integrate to Azure AD, Google Workspace, Okta, OneLogin, and other identity providers via SAML and SCIM.

Trust in Simpplr for industry compliance across the board

SOC 2 Type 2

Simpplr is SOC 2 Type 2 attested annually. An independent auditor regulated by the AICPA extensively investigates our operations to evaluate and attest to the effectiveness of our security controls. Our subprocessors also hold SOC 2 Type 2 attestation certificates.

ISO 27001

Simpplr is ISO 27001:2013 certified annually. An independent firm accredited by the ANAB standards body certifies that the Simpplr information security management system (ISMS) contains comprehensive policies and procedures to manage information risk.

GDPR

Simpplr helps organizations meet their GDPR compliance requirements through features such as retention policies, data subject access requests, and standard contractual clauses. 

TRUSTe

Companies that display the TRUSTe Privacy Verified seal have demonstrated that their privacy programs, policies, and practices meet the requirements of EU-US and Swiss-US Privacy Shield. 

PrivacyShield

Simpplr is an active member of the EU-US and Swiss-US PrivacyShield Frameworks. 

HIPAA

Simpplr complies with HIPAA standards, securing communication and collaboration with all key stakeholders, and will sign a HIPAA business associate agreement (BAA).

23 NYCRR Part 500

Simpplr is 23 NYCRR Part 500-ready and enables financial services firms to meet compliance requirements through features such as enhanced audit trail, SIEM integration, encryption, and incident response planning. 

GXP

Simpplr enables biotechnology, pharmaceutical, and other life sciences organizations to meet GXP compliance requirements through features such as document management, content distribution, and awareness check-in.

get simpplr

See for yourself!

Request a demo
/