Security & Privacy

Your Data Is Health Data.
We Treat It That Way.

Audiometric records are protected health information. Soundtrace is SOC 2 Type II certified, HIPAA compliant, and continuously monitored through Vanta.

Independent 1910.95 Audit
SOC 2 Type II
HIPAA Compliant
FDA Registered
Made in USA

Compliance & Certifications

Independently audited and continuously monitored - not just a checkbox.

SOC 2 Type II

Annual independent audit by a licensed CPA firm covering security, availability, and confidentiality. Our report is available under NDA.

HIPAA Compliant

Comprehensive HIPAA compliance program with Business Associate Agreements, verified through continuous monitoring via Vanta.

FDA Registered

Our audiometer is registered as a Class II medical device with the FDA, meeting the same standards as clinical audiometers.

Made in USA

All hardware is designed and manufactured domestically by Adonai Technologies with full quality control.

Security Practices

How We Protect Your Data

Enterprise-grade security built into every layer - from encryption to access controls to continuous monitoring.

Encryption

AES-256 encryption at rest for all stored data
TLS 1.2+ encryption in transit for all connections
Encrypted backups with geographic redundancy
Database-level encryption with managed key rotation

Access Controls

Role-based access control (RBAC) with least-privilege
SSO support via SAML 2.0 and OIDC
Multi-factor authentication available
Session management with configurable timeouts

Monitoring & Logging

Complete audit trail of all data access
Real-time security event monitoring
Automated alerting for anomalous activity
Log retention for compliance and forensics

Infrastructure

Hosted on SOC 2 certified cloud infrastructure
No on-premise deployment required
Automated patching and vulnerability management
Disaster recovery with defined RPO/RTO targets

HIPAA Compliance

HIPAA Compliance Program

Audiometric data is protected health information. Our HIPAA compliance program covers all required safeguards - administrative, physical, and technical.

Administrative Safeguards

Designated security officer
Workforce training program
Access management procedures
Security incident response plan
Regular risk assessments

HIPAA + OSHA: A Unique Intersection

OSHA requires employers to maintain and access audiometric records, while HIPAA restricts access to protected health information. Soundtrace's role-based access controls are specifically designed to satisfy both requirements simultaneously - giving authorized personnel the access OSHA mandates while enforcing HIPAA's minimum necessary standard.

Enterprise Ready

Built for Enterprise Security Reviews

Everything your IT and security teams need to approve Soundtrace - fast.

SSO Support

SAML 2.0 and OIDC single sign-on for seamless workforce authentication.

API & SFTP Access

REST API and SFTP for HRIS integration, data export, and system connectivity.

Continuous Monitoring

Automated compliance monitoring through Vanta with real-time status at trust.soundtrace.com.

Role-Based Access

Granular permissions by role - technicians, site managers, corporate EHS, and audiologists see only what they need.

Vendor Security Questionnaire

Pre-completed SIG, CAIQ, and custom questionnaire responses available on request.

BAA & DPA Ready

Standard Business Associate Agreements and Data Processing Addendums ready to execute.

Security & Privacy FAQ

Common questions from IT, compliance, and legal teams.

Ready to Review Our Security Posture?

Visit our Vanta Trust Center for live compliance status, or request our SOC 2 report and completed security questionnaires.