Introducción
Level maintains formal compliance certifications and undergoes regular third-party security testing. This article summarizes the current compliance posture and how to request documentation.
For questions or concerns not covered here, contact [email protected].
SOC 2
Level is SOC 2 compliant. The audit evaluates security, availability, and confidentiality controls against the AICPA Trust Services Criteria.
To request a copy of the SOC 2 report, email [email protected].
ℹ️ NOTA: SOC 2 reports are shared under NDA. Include your organization name and contact details in your request.
HIPAA
Level supports HIPAA compliance requirements for covered entities and business associates. A Business Associate Agreement (BAA) is available on request.
To initiate a BAA or discuss HIPAA-specific requirements, contact [email protected].
GDPR
Level complies with the General Data Protection Regulation (GDPR) for the processing of personal data belonging to EU residents.
For data processing questions or to submit a data subject request, contact [email protected].
Penetration Testing
External security vendors conduct penetration tests quarterly. Testing covers the web application, API, and agent endpoints.
To request a copy of the latest penetration test report, email [email protected].
ℹ️ NOTA: Penetration test reports are shared under NDA, similar to SOC 2 reports.
More Information
For a broader overview of Level's security architecture, encryption practices, and infrastructure, visit level.io/features/security.
Preguntas frecuentes
How do I get a copy of the SOC 2 report? Email [email protected] with your organization name. Reports are shared under NDA.
Does Level sign BAAs for HIPAA? Sí. Contact [email protected] to start the BAA process.
How often does Level do penetration testing? Quarterly, using external third-party vendors.
Who do I contact with a compliance question not covered here? Email [email protected] for compliance, security documentation, and data processing inquiries.