GoodData Cloud Security and Compliance

GoodData Cloud is a cloud-native solution incorporating robust data security and protection across all layers. Owing to the flexibility in deployment options, you can select a model that best aligns with your security and compliance requirements. However, as with all cloud-based solutions, it’s essential to remember that information security is a shared responsibility.

Adherence to Security and Compliance Standards

GoodData Cloud supports the following compliance standards and certifications by default:

• Service Organization Control (SOC2)
• International Organization for Standardization (ISO) 27001/27002 Compliance
• EU and UK General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Family Educational Rights and Privacy Act (FERPA)
• Gramm-Leach-Bliley Act (GLBA)
• U.S. Health Insurance Portability and Accountability Act (HIPAA)*

* HIPAA is not supported by default, see HIPAA Add-On.

If you require a certification that is not yet supported:

• Talk to our sales team to discuss whether this certification can be added to the GoodData Cloud service.
• Consider using our on-premise solution, with which you can achieve certification independently of GoodData.

Business Continuity and Disaster Recovery

As a modern cloud native product, GoodData Cloud is built in a way that allows for out of the box high availability and supports automated means to implement business continuity and disaster recovery.

Our business continuity practices are aligned with the international standard for Business Continuity Management Systems (BCMS) ISO 22301.