Infrastructure
Compliance
SOC 2, ISO/IEC 27001, HIPAA, and GDPR posture for Ramain and the deployed environment.
Ramain maintains the following compliance posture. Full details, certifications, and audit reports available at trust.ramain.ai.
-
SOC 2 Type II — Controls operate to the Trust Services Criteria for security, availability, and confidentiality.
-
ISO/IEC 27001 — Information security management system certified to ISO/IEC 27001.
-
HIPAA — Ramain operates as a Business Associate. All AWS services in this architecture are HIPAA-eligible. BAA signed during onboarding when PHI is in scope.
-
GDPR — Data Processing Agreement with EU Standard Contractual Clauses available during onboarding. All data remains in customer's selected AWS region.
Additional resources: