Redpoint's security standards and compliance
At Redpoint Global, we are committed to ensuring the security, privacy, and compliance of our systems and processes. Through adherence to internationally recognized standards and independent assessments, we demonstrate our dedication to maintaining the trust and confidence of our clients.
ISO/IEC 27001:2022 Recertification
Redpoint Global has achieved recertification to ISO/IEC 27001:2022, showcasing our robust approach to managing information security through a comprehensive Information Security Management System (ISMS).
Scope of Certification: Covers all Redpoint computer systems and facilities, targeting executive management, employees, contractors, and partners. Systems are hosted on Microsoft Azure and Amazon Web Services, with operations based in the USA and UK, as detailed in the Redpoint Global Statement of Applicability ISO27001.
This recertification reflects our ongoing adherence to international standards for identifying and mitigating information security risks, as well as maintaining continual improvement.
SOC 2 Type II Report
Redpoint Global has successfully completed a SOC 2 Type II report, validating the design and operating effectiveness of controls aligned with AICPA Trust Services Criteria for Security, Availability, and Confidentiality.
Scope of Report: Evaluates Redpoint Global’s Data Readiness Hub system and highlights reliance on complementary sub-service organization controls necessary to achieve Redpoint’s service commitments and system requirements. A list of our subprocessors is available here: Redpoint subprocessors.
This independent report provides our clients with confidence that their data is handled securely and reliably within our systems.
Independent HIPAA Security Compliance Assessment
HIPAA does not have a formal certification program; the assessment validates compliance controls.
Redpoint Global has completed an independent HIPAA security compliance assessment, confirming the effectiveness of administrative, physical, and technical safeguards for Protected Health Information (PHI).
Our HIPAA compliance efforts focus on the Security Final Rule requirements, including:
Administrative Safeguards: Security management processes, workforce security, access management, training, incident response, contingency planning, and BAAs.
Physical Safeguards: Facility access controls, secure workstation use, portable device controls, and workstation security.
Technical Safeguards: Audit controls, data integrity, user authentication, and secure data transmission.
While HIPAA does not have a formal certification mechanism, this independent assessment validates that our practices meet and exceed regulatory requirements.
Requesting Documentation
If you require a copy of our ISO/IEC 27001:2022 certification, SOC 2 Type II report, or details on HIPAA compliance, please contact secure@redpointglobal.com. Documentation will be provided after establishing a mutual non-disclosure agreement (mNDA).
Transparency in Certification and Compliance
Redpoint Global ensures that all references to certifications and compliance accurately reflect their scope and purpose. We strictly adhere to guidelines for the use of certification logos and marks, maintaining transparency and avoiding any misleading statements. These achievements underscore Redpoint Global’s leadership in delivering secure, compliant solutions for regulated industries.