Security governance
Compliance
Compliance certifications and regulatory support
FlowGenX is designed to meet enterprise compliance requirements and support regulatory obligations.
Certifications
SOC 2 Type II
Annual audit covering:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
ISO 27001
Information security management system certification.
GDPR
EU data protection regulation compliance:
- Data processing agreements
- Right to erasure
- Data portability
- Consent management
HIPAA
Healthcare data protection (with BAA):
- PHI handling controls
- Access logging
- Encryption requirements
Data Residency
Regional Options
- US (Virginia, Oregon)
- EU (Frankfurt, Ireland)
- APAC (Singapore, Sydney)
Data Sovereignty
- Data stays in selected region
- Processing in-region only
- Cross-border transfer controls
Security Controls
Encryption
- At Rest - AES-256 encryption
- In Transit - TLS 1.3
- Key Management - Customer-managed keys (enterprise)
Network Security
- VPC isolation
- Private endpoints
- IP allowlisting
Access Controls
- SSO enforcement
- MFA requirements
- Session management
Compliance Tools
Data Processing Inventory
Track all data processing activities:
- Purpose of processing
- Data categories
- Retention periods
- Third-party sharing
Privacy Impact Assessments
Templates and workflows for:
- New feature assessments
- Third-party integrations
- Data flow analysis
Incident Response
Documented procedures for:
- Breach detection
- Notification workflows
- Remediation tracking
Documentation
Available compliance documentation:
- Security whitepaper
- Penetration test summaries
- SOC 2 report (under NDA)
- Data processing agreements
- Sub-processor list
Contact sales for access to compliance documentation.