All LogDNA plans are compliant with SOC 2 Type 2, PCI-DSS, GDPR, EU-US Privacy Shield, and CCPA, and we offer a HIPAA-compliant logging plan.
LogDNA uses third-party sub-processors to provide infrastructure services, and email notifications to help us provide customer support. Prior to engaging any third-party sub-processor, LogDNA fully evaluates their privacy, security, and confidentiality practices.
LogDNA has established a security program dedicated to ensuring customers have the highest confidence in our custodianship of their data. Check out our whitepaper on our approach to security and read our compliance eBook.
The Health Insurance Portability and Accountability Act of 1996 Title II (HIPAA) addresses safeguards to secure electronic protected health information (ePHI), including log management and audit requirements. LogDNA’s systems and processes are fully compliant with HIPAA, and we are audited for HIPAA and HITECH compliance every year by a third-party qualified security assessor. For customers on our HIPAA-compliant logging plan, LogDNA will sign a Business Associate Agreement (BAA) and take on the associated legal liability of handling your sensitive data.
HIPAA requires a minimum of 6 years of retention of audit log data. To ensure compliance, LogDNA provides a secure and convenient archiving service for logs older than the retention period of your LogDNA plan.
LogDNA is committed to ensuring the highest level of privacy protection. As a General Data Protection Regulation (GDPR) compliant organization, LogDNA has standardized user data privacy across the EU nations, regardless of where the organizations themselves are located.
The SOC 2 Report demonstrates LogDNA’s commitment to meeting the most rigorous security, availability, and confidentiality standards in the industry. It verifies that LogDNA’s security controls are in accordance with the AICPA Trust Services Principles and Criteria. Please contact your account manager or firstname.lastname@example.org to request LogDNA’s most recent report.
LogDNA has been audited by an independent PCI-DSS Qualified Security Assessor (QSA) and is certified as a PCI-DSS Level 1 Service Provider. This is the most stringent level of certification available in the payments industry.
To comply with EU data protection requirements, LogDNA is Privacy Shield certified. This enacts protections for the personal data of EU individuals when it is transferred to the United States.