thedevstockgirl • 11mo ago

SOC 2, GDPR and HIPAA.

I see some comment on the 2023 year end article that these are coming this year. Is there an ETA? Or a public roadmap on these? Thank you
14 Replies
james • 11mo ago
We're waiting to hear back from the auditors to fully wrap up SOC-2 but all the work is done and it should be ready very soon, hopefully in a couple of weeks. We don't have a public timeline on GDPR and HIPAA but we'll start on these right after SOC-2. Let us know if you have any particular timeline constraints!
thedevstockgirl (OP) • 11mo ago
Ok. Thanks James. Will reach out.
jamwt • 11mo ago
@thedevstockgirl update: SOC 2 type 1 is done! moving onto GDPR now
thedevstockgirl (OP) • 11mo ago
Thanks for the update @jamwt. That's great to hear. We are on the supabase team plan with HIPAA add-on, and hoping that we are able to get something similar soon with convex. This is critical for any type of healthcare application. Will a 1 - 2 months time be feasible for HIPAA? Our migration has been going well, and the small dev team handling this are fans. But without HIPAA compliance, that rollout will be in beta for a while. Per supabase release note on HIPAA, "Going from zero to a SOC2 certification was much harder, than going from SOC2 to HIPAA", so hoping that is going to be the case here too.
jamwt • 11mo ago
Yep. We hear the gap from SOC 2 to GDPR and HIPAA is pretty small. On timeline, I don't know today. But I hope to follow up soon with better estimates.
thedevstockgirl (OP) • 11mo ago
Ok. Great. Will follow this thread and your site for updates on this. Thank you.
jamwt • 11mo ago
No problem! Thanks for the patience. I'd also love to jump on a call sometime and hear more about your project if you're up for it!
thedevstockgirl (OP) • 11mo ago
For sure. We might be up for it. I'll let you know.
FleetAdmiralJakob 🗕 🗗 🗙
+1 for GDPR, love to see it since I live in the EU
Rob • 9mo ago
+1 on HIPAA. I'm creating an app for the healthcare space and would love to use Convex @jamwt any update on estimated timelines for HIPAA compliance? bumping @jamwt
jamwt • 9mo ago
we have a gap analysis from the firm that did our SOC 2, and there aren't too many items on it. I'd estimate May
Rob • 9mo ago
Thank you for the update! Looking forward to it 🙂
jamwt • 4mo ago
thedevstockgirl (OP) • 4mo ago
That's super awesome to hear. 🎉🎉🎉 Thank you. Convex to the moon. 🌙