SOC 2 Type 2 audit reports are available to customers on the Team and Enterprise plans of PowerSync Cloud, as well as customers using the Enterprise Self-Hosted Edition.
Customer data is encrypted at rest, access to that data by support staff is strictly controlled by access control mechanisms and robust write-only logging is present across the entire stack.
All HTTP connections are encrypted using TLS.
Additionally, customers on our Enterprise plan can request their data to be housed in managed, isolated tenants.
See Private Endpoints for using a private network to your database using AWS PrivateLink.We use Private Endpoints instead of VPC peering, to ensure that no other resources are exposed between VPCs.
PowerSync Cloud is HIPAA compliant. You can sync Protected Health Information (PHI) or electronic PHI (ePHI) using PowerSync Cloud provided that you fulfill your obligations under our shared responsibility model. Refer to our HIPAA Compliance page for details.
