Security Architecture
Theta Lake’s SOC 2, Type 2-audited Compliance Suite is a purpose-built platform that provides automatic detection of regulatory, privacy, and cybersecurity risks in audio, video, chat and other collaboration content. Theta Lake deploys industry-leading security and compliance controls to protect the security, confidentiality, and availability of information stored on the platform. The solution’s technical design is based on our Secure in Transit, Architecture, Rest, Redaction, and Removal (“STAR3”) architecture. Theta Lake’s staff includes privacy practitioners with CIPP/E and CIPP/US certifications as well as CISSP and other security credentials.
Theta Lake has achieved the SOC 2, Type 2 Report for its Compliance Suite. Theta Lake’s System and Organization Controls (SOC) Report is an independent third-party examination report that demonstrates how Theta Lake achieves key compliance controls and objectives. The purpose of this report is to help our clients, prospective clients, and their auditors understand the Theta Lake controls established to support operations and compliance.
Theta Lake has implemented controls to comply with the Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and secure electronic protected health information (ePHI).
ISO 27001
Theta Lake has implemented technical and organizational controls to align with the ISO 27001 information security management standard.
Theta Lake completed TruSight’s third-party risk assessment as part of its ongoing efforts to align with financial services industry security best practices. Theta Lake’s report is available to TruSight customers upon request by contacting thirdparty@trusightsolutions.
Theta Lake’s Compliance Suite has been evaluated by an independent, third-party auditor and is compliant with Payment Card Industry Data Security Standard (PCI DSS) for processing credit card data.