Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Worldwide there are many certifications for a wide range of business needs and industries.

Yasoon is an internional SaaS provider and we cannot comply with all of them.
Here is a list with additional certifications that might be important for you, but yasoon does not comply with and some guidance on how to handle it.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a federal regulation developed by the U.S. Department of Health and Human Services. HIPAA was designed to protect the privacy and security of an individual’s Protected Health Information (PHI) and establishes standards and requirements around the use, disclosure, and protection of that data. HIPAA applies to covered entities and business associates, that create, receive, maintain, access, or send PHI.

Explanation

While yasoon does not store any Jira or Microsoft business data on their own servers, we process these data. While we keep a high level of security with SOC2 reports and ISO 27001, we are not explicitly tested against HIPAA.

Customer Considerations

For most customers, not all Jira projects contain PHI data. You may want to use our services for internal projects, IT service and more but remove access to projects with PHI data with a data security policy.

FedRAMP

The U.S. Federal Government established the Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security and risk assessment, authorization, and continuous monitoring for cloud products and services. All federal agency cloud deployments and service models, other than certain on-premises private clouds, must meet FedRAMP requirements at the appropriate impact level (Low, Moderate, or High).

Explanation

US govermental agencies are not a focus for yasoon and therefore FedRAMP is not planned. Yasoon only works with the public Microsoft 365 Cloud and not with the US national clouds (GCC or GCC High). As an US agency running on these Microsoft Clouds, you might not benefit from our products anyway.

  • No labels