Compliance

Bitaic is dedicated to ensuring that your data is handled securely, privately, and in compliance with industry standards and regulatory requirements. Our platform is built with robust security and privacy measures to help you maintain compliance, while also supporting your organization's specific compliance needs.

Compliance Standards and Certifications

Bitaic aligns with widely recognized security and privacy standards to provide a compliant and trustworthy platform for infrastructure monitoring.

  • GDPR (General Data Protection Regulation): Bitaic adheres to the principles of GDPR, ensuring that personal data from European Union residents is collected, processed, and stored responsibly. We provide users with full control over their data, including the right to access, delete, and modify personal information.
  • HIPAA (Health Insurance Portability and Accountability Act): For clients in healthcare, Bitaic is HIPAA-ready, with protections in place for data storage, transmission, and access control to ensure the confidentiality and security of Protected Health Information (PHI). Bitaic can sign Business Associate Agreements (BAAs) with healthcare customers upon request.

Data Privacy and User Rights

Bitaic respects user privacy and has measures in place to help you manage data in compliance with privacy regulations.

  • Data Minimization: Bitaic collects only the data necessary for providing monitoring services, following the principle of data minimization.
  • User Rights: Users have full control over their personal data stored within Bitaic, with options to:
    • Access: Request access to data collected and stored on the platform.
    • Amend: Make changes or corrections to personal data if needed.
    • Delete: Permanently delete personal data in compliance with GDPR and similar regulations.
  • Data Residency: For organizations requiring data residency within specific geographic regions, Bitaic supports configurable data storage options, ensuring data is stored within your specified region.

Security Measures Supporting Compliance

Bitaic's security practices are designed to meet or exceed compliance requirements for data protection.

  • Encryption:
    • Data in Transit: Bitaic uses TLS encryption to secure data as it moves between agents, users, and Bitaic's backend, preventing interception.
    • Data at Rest: All stored data is encrypted with AES-256, protecting data on our servers from unauthorized access.
  • Access Controls:
    • Role-Based Access Control (RBAC): Bitaic allows administrators to define roles and permissions to restrict data access according to user responsibilities.
    • Multi-Factor Authentication (MFA): MFA can be enabled to add a layer of security during user login, reducing unauthorized access risks.
  • Audit Trails:
    • Comprehensive Logging: Bitaic logs all critical actions, such as login attempts, configuration changes, and data access requests, creating an audit trail that meets compliance and regulatory standards.
    • Tamper-Proof Logs: Logs are protected from alteration or deletion, ensuring an accurate and reliable record of activities for security and compliance purposes.

Customer Compliance Tools

To assist customers in achieving their own compliance, Bitaic offers features and resources tailored to organizational compliance needs.

  • Data Export and Portability: Bitaic enables customers to export data in standard formats for integration with other compliance tools or regulatory audits.
  • Customizable Data Retention Policies: Define how long data should be stored in Bitaic, enabling compliance with industry-specific data retention standards.
  • Access Reports: Generate reports on user access, data usage, and audit trails to support internal audits and compliance documentation requirements.

Compliance Support

Bitaic's compliance team is available to provide guidance and assistance for customers with specific regulatory requirements. Whether you need additional information on our compliance practices, assistance with audits, or documentation for your organization's compliance, we're here to help.

  • Contact Compliance Support: For compliance-related inquiries, please reach out to our support team at support@bitaic.com.

Transparency and Reporting

Bitaic is committed to transparency and provides customers with ongoing updates about our security practices, audit results, and compliance status.

  • Breach Notification Policy: In the unlikely event of a data breach, Bitaic has a documented breach response policy, ensuring timely notification to affected customers and regulators as required by law.
  • Data Processing Addendum (DPA): Bitaic provides a DPA to all customers to outline our responsibilities in handling and processing customer data, detailing compliance with GDPR and other privacy regulations.

Data Localization and Residency Options

For customers requiring data localization for regulatory or corporate policy reasons, Bitaic offers region-specific storage options. You can specify data residency to ensure that data remains within a designated geographic area.

  • Available Regions: Choose from several regions based on availability, ensuring compliance with regional data residency laws.
  • Customer-Controlled Data Deletion: Customers can delete data based on organizational requirements, with a clear process for ensuring data is removed from Bitaic's systems.

Compliance Documentation and Resources

Bitaic provides a range of resources to assist customers with understanding and meeting compliance standards:

  • Compliance Documentation: Documentation detailing Bitaic's security and privacy practices, available upon request.
  • Privacy Policy: Details our data handling, processing, and retention practices in accordance with regulatory requirements.
  • Data Processing Agreement (DPA): Available for all customers, specifying our compliance with GDPR and other data protection laws.