Attestations and certifications
Our commitment to industry-leading standards
Verily adheres to several industry-recognized frameworks, standards, and regulatory requirements and commissions independent cybersecurity and assurance firms to assess and audit Verily’s compliance. Verily’s Security & Privacy policies, standards, and procedures are regularly reviewed, updated, and disseminated to personnel to ensure continued alignment with industry standards and the evolving threat landscape.
SOC 2 Type II
Third-party audit that assesses security controls and practices for the following solutions: ARDA, Granular (Underwriting System), Lightpath (Precision Health Platform & Verily Me), Onduo, Research Sponsor (Project Baseline), Site CTMS, Retinal Service, SensorSuite, Study Watch & Hub, and Workbench.
ISO/IEC 27001, 27799*
Certified compliant to this set of internationally-recognized standards for information security management in ARDA, Granular (Underwriting System), Lightpath (Precision Health Platform & Verily Me), Onduo, Research Sponsor (Project Baseline), Site CTMS*, Retinal Service, SensorSuite, Study Watch & Hub, and Workbench.
HITRUST CSF r2
Assessment and certification process for risk management and compliance programs built into Verily Onduo.
HIPAA Security and Privacy Rules
Independent audits to protect electronic health information (ePHI) through implementation of administrative, physical, and technical safeguards built into ARDA, Lightpath (Precision Health Platform and Verily Me), Retinal Service, Site CTMS, and Verily Onduo.
Security and privacy by design
Additional information and partnership
For additional information, such as access to attestation reports or product architecture details/white papers, a NDA may be required. If you’re an existing or prospective customer or inquiring about partnerships with Verily, please reach out to info@verily.com for more information.