FP&A Compliance & Security
SOC 2 Type II & HIPAA
Protecting the Data Behind Every Decision
Solver is SOC 2 Type II, HIPAA, and GDPR compliant backed by enterprise-grade security built on Microsoft Azure. From data storage to user access controls, every layer of the Solver xFP&A platform is designed to meet the compliance requirements of finance teams in regulated industries.
“Solver addresses the challenge of meeting various reporting requirements, including traditional financial statements and nontraditional regulatory and internal reporting... This capability benefits our organization by providing the flexibility to handle diverse reporting needs while ensuring compliance and accuracy.”
Investment Management Professional
SOC 2 Compliance
Solver undergoes independent SOC 2 audits conducted by BARR Advisory under the AICPA's Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. The report documents the controls used to protect customer data, for review by customers, auditors, and regulators.
SOC 2 reports are used for vendor oversight, third-party risk management, internal governance and risk management, and regulatory and audit requirements. The report can be requested through our Contact Us page. Learn more about the SOC 2 framework from the AICPA.
HIPAA Compliance
HIPAA (the Health Insurance Portability and Accountability Act) sets US requirements for protecting individually identifiable health information. It applies to covered entities, such as doctors' offices, hospitals, and health insurers, and to business associates, such as Solver, that process protected health information (PHI) on their behalf.
Business associates must sign a Business Associate Agreement (BAA) with a covered entity before handling PHI. Once a BAA is in place, PHI can be processed and stored on the platform. Solver services covered under a BAA undergo audits by accredited independent auditors, since HIPAA has no formal certification process.
GDPR Compliance
The General Data Protection Regulation (GDPR) is a comprehensive EU law governing data privacy and security. Solver complies with GDPR, protecting the personal data of individuals in the European Union.
Have any security or compliance questions?
Solver Compliance | Frequently Asked Questions
-
Is Solver SOC 2 compliant?
Yes. Solver undergoes independent SOC 2 Type II audits conducted by BARR Advisory, covering security, availability, processing integrity, confidentiality, and privacy of the systems used to process customer data.
-
Is Solver HIPAA compliant?
Solver supports HIPAA compliance for customers in healthcare. Solver signs Business Associate Agreements (BAAs) with covered entities and undergoes independent audits of the services covered under those agreements.
-
Is Solver GDPR compliant?
Yes. Solver complies with the General Data Protection Regulation (GDPR), the EU law governing the privacy and security of personal data belonging to individuals in the European Union.
-
What cloud infrastructure does Solver run on?
Solver is a multi-tenant solution built on Microsoft Azure, which provides the underlying physical, network, and infrastructure security controls Solver's compliance program relies on.
-
Does Solver sign a Business Associate Agreement (BAA)?
Yes. Customers who need to process protected health information (PHI) can request a BAA from Solver before storing or processing that data in the platform.
-
How can I request Solver's SOC 2 report?
Contact the Solver team through the Contact Us page to request a copy of the SOC 2 report under NDA.
-
Where can I find Solver's Terms of Service and Privacy Policy?
Solver's Terms of Service and Privacy Policy are linked at the bottom of the footer on every page of our website. The Terms of Service outline the conditions governing use of the Solver platform, and the Privacy Policy explains how personal data is collected, used, and protected.