Login Register

Compliance

Learn how we comply with global data protection regulations and industry standards

Quick Navigation

Compliance Overview

At OmyPost, we maintain a comprehensive compliance program to ensure we meet and exceed regulatory requirements and industry standards.

Regulatory Framework

Our compliance framework is designed to address multiple regulatory requirements while maintaining operational efficiency.

Continuous Monitoring

We maintain continuous compliance monitoring and regular assessments to ensure ongoing adherence to standards.

Standards & Certifications

We maintain compliance with key international standards and regularly undergo certification processes.

ISO 27001

Information Security Management System (ISMS) certification, demonstrating our commitment to security best practices.

SOC 2 Type II

Annual audit verifying our controls for security, availability, and confidentiality.

PCI DSS

Level 1 Service Provider certification for secure payment processing.

GDPR

Full compliance with EU data protection regulations.

GDPR Compliance

Data Protection Measures

  • Appointment of Data Protection Officer (DPO)
  • Regular Data Protection Impact Assessments (DPIA)
  • Documented data processing activities
  • Privacy by design and default

Data Subject Rights

We ensure full support for all GDPR data subject rights, including access, rectification, erasure, and portability.

HIPAA Compliance

Healthcare Data Protection

  • Business Associate Agreements (BAA)
  • PHI handling procedures
  • Security Rule compliance
  • Regular HIPAA training

Healthcare Integration

Secure integration capabilities for healthcare providers with full HIPAA compliance.

PCI DSS Compliance

Payment Security

  • Secure payment processing
  • Regular vulnerability scanning
  • Quarterly security assessments
  • Annual penetration testing

Cardholder Data Security

Implementation of all required controls for secure handling of payment card data.

SOX Compliance

Financial Controls

  • Internal control framework
  • Financial reporting controls
  • Access control monitoring
  • Audit trail maintenance

Financial Integrity

Robust controls ensuring accuracy and reliability of financial reporting.

Audits & Assessments

External Security Audits

Annual third-party security assessments and penetration testing.

Compliance Reviews

Quarterly internal compliance reviews and gap assessments.

Control Testing

Continuous monitoring and testing of security controls.

Risk Assessments

Regular risk assessments and mitigation planning.

Compliance Reports

Available Reports

  • SOC 2 Type II Report
  • PCI DSS Attestation of Compliance
  • ISO 27001 Certificate
  • GDPR Compliance Statement
  • Security Questionnaire Responses

Request Reports

Contact our compliance team at compliance@omypost.com to request compliance reports under NDA.