Trust Center
Last Modified: July 5, 2024
{
"complianceFrameworkData": [
{
"description": "The Payment Card Industry Data Security Standard (PCI DSS) is a global security standard designed to protect cardholder data and reduce credit card fraud. It is managed by the PCI Security Standards Council (PCI SSC), which was founded by major credit card brands like Visa, MasterCard, American Express, Discover, and JCB.",
"logoSrc": "img/compliance-frameworks/pci-logo.png",
"key": "pci-dss",
"name": "PCI DSS",
"status": "complete"
},
{
"description": "The Health Insurance Portability and Accountability Act (HIPAA) is a critical framework for managing patient data in the United States. It was enacted in 1996 to ensure the privacy and security of protected health information (PHI). HIPAA compliance is enforced by the Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services (HHS). ",
"logoSrc": "img/compliance-frameworks/hipaa-logo.png",
"key": "hipaa",
"name": "HIPAA",
"status": "in-progress"
},
{
"description": "The CSA STAR (Security, Trust, Assurance, and Risk) program is a comprehensive framework for cloud service providers (CSPs) designed to provide potential customers with a clear understanding of the security posture of cloud services. This program is offered by the Cloud Security Alliance (CSA), a leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.",
"logoSrc": "img/compliance-frameworks/csa-logo.png",
"key": "csa-star",
"name": "CSA STAR",
"status": "in-progress"
},
{
"description": "The NIST Cybersecurity Framework (CSF) is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices. However, due to its comprehensive and flexible nature, many organizations outside of critical infrastructure also adopt it to enhance their security posture.",
"invertLogoOnDarkMode": true,
"logoSrc": "img/compliance-frameworks/nist-logo.png",
"key": "nist-cybersecurity-framework",
"name": "NIST Cybersecurity Framework",
"status": "in-progress"
},
{
"description": "Executive Order 14028 on Improving the Nation’s Cybersecurity (EO 14028) is a directive from the U.S. government that aims to strengthen cybersecurity practices across federal government agencies and their suppliers. Issued in 2021, it focuses on enhancing software supply chain security, particularly through the development and implementation of more secure software development environments.",
"logoSrc": "img/compliance-frameworks/cisa-logo.png",
"key": "cisa-eo-14028",
"name": "CISA EO 14028",
"status": "in-progress"
}
]
}
Complete
PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a global security standard designed to protect cardholder data and reduce credit card fraud. It is managed by the PCI Security Standards Council (PCI SSC), which was founded by major credit card brands like Visa, MasterCard, American Express, Discover, and JCB.
Learn more in our announcement blog post.
In Progress
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a critical framework for managing patient data in the United States. It was enacted in 1996 to ensure the privacy and security of protected health information (PHI). HIPAA compliance is enforced by the Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services (HHS).
In Progress
CSA STAR
The CSA STAR (Security, Trust, Assurance, and Risk) program is a comprehensive framework for cloud service providers (CSPs) designed to provide potential customers with a clear understanding of the security posture of cloud services. This program is offered by the Cloud Security Alliance (CSA), a leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
In Progress
NIST Cybersecurity Framework
The NIST Cybersecurity Framework (CSF) is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices. However, due to its comprehensive and flexible nature, many organizations outside of critical infrastructure also adopt it to enhance their security posture.
In Progress
CISA EO 14028
Executive Order 14028 on Improving the Nation’s Cybersecurity (EO 14028) is a directive from the U.S. government that aims to strengthen cybersecurity practices across federal government agencies and their suppliers. Issued in 2021, it focuses on enhancing software supply chain security, particularly through the development and implementation of more secure software development environments.
Contact Information
If you have any questions, please contact us:
Symmetric LLC
Phone: 202.713.5950
Email: support@symmetric3d.com