Where we stand on compliance.
Compliance is earned through process, evidence, and independent assessment. This page is an honest snapshot of where Enigma Genetics is — not a marketing claim of what we hold today.
HIPAA alignment
RoadmapBuilding toward processes and controls aligned with HIPAA standards for handling protected health information. Independent assessment is a future step on the roadmap.
GDPR alignment
RoadmapDesigning data-rights flows (access, export, deletion, consent revocation) aligned with GDPR principles. Specific implementation depends on jurisdictional rollout.
SOC 2 Type I
RoadmapSOC 2 Type I attestation is on the roadmap. Enigma Genetics has not stated that it currently holds SOC 2 Type I.
SOC 2 Type II
RoadmapSOC 2 Type II requires an extended observation window and is a later-stage roadmap item, contingent on Type I and platform maturity.
Data Processing Agreements
In progressStandard partner DPAs are being prepared for labs, research partners, and employer integrations.
Penetration testing
RoadmapThird-party penetration testing of GeneVault and the consent layer is planned as the platform approaches general availability.
Questions about a specific framework or assessment? trust@enigmagenetics.cloud. See also Security and Data Rights.