Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Tandem is fully HIPAA-compliant and SOC 2 Type II certified, with documentation and specific policies available upon request.

All data is end-to-end encrypted and stored in US-based enterprise systems.

For any questions, please contact security@withtandem.com.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
HIPAA Logo
HIPAA

Reports

HIPAA Report
SOC 2 Report

Data Security

Data Asset Classification
Data Breach Notification
Information Disclosure Protection
View more

App Security

Responsible Disclosure
Application Penetration Testing
Software Development Lifecycle
View more

Endpoint Security

Anti-Malware
Disk Encryption
Host Intrusion Detection System (HIDS)

Policies

Acceptable Use Policy
Asset Management Policy
Backup Policy
View more

Risk Management

Risk Assessments

Training

Phishing Training
Role-Based Training
Security Awareness Training

Continuous Monitoring

Data Loss Prevention System (DLP)
Event & Audit Log Management
Intrusion Detection System (IDS)

Documents

REPORTSHIPAA Report
REPORTSSOC 2 Report
COMPLIANCEHIPAA
COMPLIANCESOC 2 Type 2
DATA SECURITYData Asset Classification
DATA SECURITYData Breach Notification
DATA SECURITYInformation Disclosure Protection
DATA SECURITYPhysical Security
APP SECURITYResponsible Disclosure
APP SECURITYSoftware Development Lifecycle
APP SECURITYVulnerability & Patch Management
APP SECURITYWeb Application Firewall
Trust Center Updates

Tandem SOC 2 Type II Report

Copy link
Compliance

We are excited to announce that Tandem successfully completed our second System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba LLP (Sensiba) for the period from February 1, 2024 to January 31, 2025.

Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 information security audit provides a report on the examination of controls relevant to the trust services criteria categories covering security, availability, processing integrity, confidentiality, and privacy.

A SOC 2 Type II report describes a service organization's systems, whether the design of specified controls meets the relevant trust services categories, and assesses the effectiveness of those controls over a specified period of time. Tandem’s SOC 2 Type II report did not have any noted exceptions and was therefore issued with a “clean” audit opinion from Sensiba.

Built onSafeBase by Drata Logo