Attestations and certifications
Our commitment to industry-leading standards
Verily adheres to several industry-recognized frameworks, standards, and regulatory requirements and commissions independent cybersecurity and assurance firms to assess and audit Verily’s compliance. Verily’s Security & Privacy policies, standards, and procedures are regularly reviewed, updated, and disseminated to personnel to ensure continued alignment with industry standards and the evolving threat landscape.
SOC 2 Type II
Third-party audit that assesses security controls and practices for the following solutions: ARDA, Granular (Underwriting System), Lightpath (Precision Health Platform & Verily Me), Onduo, Research Sponsor (Project Baseline), Site CTMS, Retinal Service SensorSuite, Study Watch & Hub, and Workbench.
ISO/IEC 27001, 27799*
Certified compliant to this set of internationally-recognized standards for information security management in ARDA, Granular (Underwriting System), Lightpath (Precision Health Platform & Verily Me), Onduo, Research Sponsor (Project Baseline), Site CTMS*, Retinal Service, SensorSuite, Study Watch & Hub, and Workbench.
HITRUST CSF r2
Assessment and certification process for risk management and compliance programs built into Verily Onduo.
HIPAA Security and Privacy Rules
Independent audits to protect electronic health information (ePHI) through implementation of administrative, physical, and technical safeguards built into ARDA, Lightpath (Precision Health Platform and Verily Me), Retinal Service, Site CTMS, and Verily Onduo.
Security and privacy by design
Verily has implemented numerous layers of controls around the data of our users, customers, and partners, such as strong encryption (both in-transit & at-rest) and tightly restricted and closely monitored role-based access. Verily also empowers its users, customers, and partners to manage and control access to their data in accordance with their own respective needs, preferences, and compliance commitments.
Additional information and partnership
For additional information, such as access to attestation reports or product architecture details/white papers, a NDA may be required. If you’re an existing or prospective customer or inquiring about partnerships with Verily, please reach out to info@verily.com for more information.