In addition to the steps we take by securing our servers and training our staff about privacy, we also comply with:
- EU businesses can sign and return an International Data Transfer Agreement containing the EU Model Clauses. If you prefer to sign digitally, please contact support.
- Compliance with HIPAA Security Rule and guidance laid out in NIST SP 800-66. Read more about HIPAA.
- PCI (SAQ C 3.1)
- Data center is certified SOC 2 Type II
- Accessibility compliance for section 508, download VPAT
For those of you in the EU who must comply with the General Data Protection Regulation (GDPR), effective May 2018, we're looking into it; if we decide to pursue compliance with GDPR, it will be at no additional cost to you. However, because the implications of GDPR on the operation of Acuity are still being explored, we cannot say at this point whether or not Acuity Scheduling will comply with GDPR in the future.
If you have any questions about security or privacy, please contact support.