Standards & Compliance
Does the data behind your enterprise dictate the highest level of security protection? C Spire maintains ever-vigilant efforts to deliver a robust and superior information security footprint -matching and exceeding the most rigorous industry standards. Our fidelity to SOC, PCI, and HIPAA standards is a testament to how serious we treat data security.
C Spire maintains an Attestation for SOC Compliance from an external auditing firm for SOC 1 and SOC 2 controls. A SOC 3 report is available for your review, upon request. These reports detail controls implemented regarding managed security services, change management, service delivery, support services, environmental services, physical security, facilities management, and Trust Service principles.
The C Spire cloud facility and its operations are PCI compliant. Meeting this key compliance standard is critical to protect sensitive payment and financial data.
C Spire cloud infrastructure, facility, and operations meet the stringent requirements for compliance with the Health Insurance Portability and Accountability Act (HIPAA). An external auditing firm validates our adherence to the HIPAA meaningful use security rule as a business associate.