Redpoint Logo
Redpoint Logo

Feb 4, 2025

Redpoint Global Achieves Highest Security Standards

WELLESLEY, Mass. – Redpoint Global, a leading Customer Data Platform serving healthcare, financial services, retail, and other verticals, today announced three major updates to its security standards and compliance measures, reaffirming its continued dedication to maintaining the highest levels of customer data security.

Redpoint is ISO 27001:2022 certified, it has a current attestation report for SOC2/Type 2 and is HIPAA-compliant for service providers.

“With these updated certifications, Redpoint demonstrates that it remains deeply committed to sensitive data protection,” said Ron Sanderson, Chief Information Security Officer. “We have the policies, procedures, and controls in place to ensure that when customers entrust us with their consumer data that we treat security with the same utmost importance as they would in a self-hosted environment.”

ISO/IEC 27001:2022 Certified

The updated ISO/IEC 27001:2022 certification showcases Redpoint’s robust approach to managing information security through a comprehensive Information Security Management System (ISMS). The ISMS covers all Redpoint computer systems and facilities, targeting executive management, employees, contractors, and partners. Systems are hosted on Microsoft Azure, Amazon Web Services, and Google Cloud Platform, with operations based in the USA and UK as detailed in the Redpoint Global Statement of Applicability ISO27001.

This certification reflects Redpoint’s adherence to international standards for identifying and mitigating information security risks, as well as maintaining continual improvement.

SOC 2 Type 2 Attestation

Redpoint successfully completed a SOC 2 Type 2 attestation, validating that its systems and controls align with the AICPA’s Trust Services Criteria for security, availability, and confidentiality. The SOC 2 Type 2 report evaluates Redpoint Global Inc.’s Customer Data Platform Services (“CDP Services”) system. It assesses the design and operating effectiveness of controls to meet the AICPA Trust Services Criteria for Security, Availability, and Confidentiality.

This independent attestation provides Redpoint clients with confidence that their data is handled securely and reliably within Redpoint’s systems.

HIPAA-Compliant Processes

Closing out its compliance updates, Redpoint’s safeguards that ensure the privacy and security of Protected Health Information (PHI) puts it in full compliance with the Health Insurance Portability and Accountability Act (HIPAA). Redpoint’s HIPAA compliance efforts focus on the Administrative, Physical, and Technical Safeguards as outlined in the Security Final Rule, specifically for Redpoint’s CDP Services system.

These include safeguards pertaining to workforce security, facility access controls and workstation security, audit controls, business associate agreements (BAAs) with compliant security measures, and the implementation of documented policies that ensure adherence to HIPAA standards and requirements.

While HIPAA does not have a formal certification mechanism, Redpoint’s practices are designed to meet and exceed regulatory requirements, ensuring that PHI entrusted to the company is managed with the utmost care and security.

A full account of Redpoint’s certifications and compliance can be found on the Redpoint Trust Center by clicking here.

About Redpoint Global – Redpoint helps innovative companies ignite the full potential of data to drive superior customer experiences across the enterprise. The Redpoint CDP creates the most complete, timely and accurate unified customer profile to power any business use case, using industry-leading data quality and identity resolution combined with dynamic, no-code segmentation and activation. Marketers and CX leaders rely on Redpoint to fuel hyper-personalized experiences that yield tangible ROI in customer acquisition, engagement, loyalty and retention. To learn more, visit www.redpointglobal.com.