Auric Systems International tracks and complies with industry and government security and privacy regulations.
PCI Compliance
Auric Systems International is a Level 1 PCI DSS Validated Service Provider.
The AuricVault® Service PCI DSS 3.2.1 Responsibility Matrix shows how Auric reduces your PCI footprint and simplifies your compliance. Of the 251 requirements in PCI DSS version 3.2.1, Auric is the responsible party for 243 requirements. The client is responsible for three and Auric and the client share responsibility for five requirements.
- Auric PCI DSS 3.2.1 Attestation of Compliance (AoC) 2020-12
- AuricVault® Service PCI DSS 3.2.1 Responsibility Matrix
SOC 2 Compliance
Our SOC 2 Type 1 audit completes step 1 of Auric's planned SOC 2 compliance. The formal SOC 2 Type 2 annual compliance audit is scheduled for 20Q3 in conjunction with our annual Level 1 PCI Service Provider assessment.
Government Compliance
Auric Systems International maintains compliance with the following international regulations:
- EU-U.S. Privacy Shield
- Swiss-U.S. Privacy Shield
- General Data Protection Regulation: GDPR
Personally Identifiable Information (PII)
Auric operates the AuricVault® service in compliance with a variety of privacy laws suitable for storing Personally Identifiable Information (PII) including medical data (HIPAA).
Compliance Officer
Contact the Auric Compliance Officer at compliance@AuricSystems.com with any questions you might have regarding Auric's compliance.