Security –

Information Security and Compliance

Atomic is purpose built for organizations with the strictest data security and privacy requirements. Many of our customers are in the heavily regulated financial services and healthcare sectors and we maintain independent attestation in SOC2 Type 2 and HIPAA to provide you assurance of our reliable, robust processes and systems.


Our Security Promise

We take data integrity and security very seriously. Due to the nature of the product and service we provide, it is important that we acknowledge our responsibilities both as data controller as well as a data processor. We store and process your data and that of your customers with care and help you be compliant so that you can continue to build trust while enhancing customer experiences.

AICPA SOC Accreditation Logo

SOC 2 Type 2 Compliant

Service Organization Controls 2 Type 2 (SOC 2) is a reporting system put forth by the American Institute of Certified Public Accountants (AICPA). Auditing is independently undertaken by a CPA against a number of trusted service criteria (TSC). Atomic has been attested for security, availability and confidentiality. Please contact us to request a copy of our latest SOC 2 Type 2 report.

HIPAA compliant logo

HIPAA Compliant

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. Atomic has been attested for the Security Rule. Please contact us to request a copy of our latest HIPAA report.

Enterprise Ready

Atomic is purpose built for organisations with the strictest data security and privacy requirements.

Single tenant data and storage isolation

Modern APIs for managing and deleting data

SSO, MFA, fine-grained User and API roles

Encryption in transit and at rest

Audit history of card data, customer and staff interactions

Externally code-reviewed, pen-tested and benchmarked

Support for data types that never get stored in our platform

You own and direct the handling of your customer data

Independently SOC 2 Type 2 and HIPAA attested

Book a demo

Discover how Atomic help your organization to rapidly expand the power of your apps.