§ 00·0x00/COMPLIANCE / FRAMEWORKS
Meet your compliance obligations.
CipherStash helps you meet your compliance obligations by giving you identity-based access controls that keep your data encrypted even when it is in use. Every decryption is logged. Every key is identity-bound. The auditor's trail is built by construction.
Compliance is the receipt, not the goal. When data is encrypted in use, the exposure your auditor checks for cannot happen in the first place. The checklist mostly fills itself in. See how we cover at rest, in transit, and in use.
§ 01·0x01/FRAMEWORKS / COVERAGE
Frameworks we cover.
→ 01
PCI DSS 4
Disk encryption alone no longer covers stored cardholder data. Meet Requirement 3.5.1.2 with field-level encryption, queries intact.
READ MORE →→ 02
HIPAA
A proposed update would make ePHI encryption mandatory. Field-level encryption, identity-bound access, and a full audit trail.
READ MORE →→ 03
SOC 2
Meet your SOC 2 obligations with strong database encryption and granular identity-based access control. CipherStash is SOC 2 Type II certified.
READ MORE →→ 04
BDSG
Meet the German Federal Data Protection Act with encryption in use, identity-bound keys, and full audit trails across every access.
READ MORE →§ 02·0x02/NEXT / TRUST CENTER
Questions about compliance?
Visit the CipherStash Trust Center for SOC 2 reports, penetration test summaries, security questionnaires, and the full list of compliance documents we make available to customers under NDA.