Trust Center by Rillion
Certifications and Security Standards

SOC 1
A SOC 1 Report (System and Organization Controls Report) is a report on controls at a service organization which are relevant to user entities’ internal control over financial reporting. The service organization (with the assistance of the auditors) determines what the key control objectives are for the services they provide to their clients. Control objectives are related to both information technology processes and business processes at the service organization.
Organizations Examined:
- Rillion Inc – Service Rillion Prime US
- Rillion AB – Service Rillion Prime EMEA
SOC 2
A SOC 2 report also falls under the SSAE 18 standard, though it is specifically addressed in sections AT-C 105 and AT-C 205. The SOC 2 report covers a service organization’s controls that are outlined by the AICPA’s Trust Services Criteria (TSC) and are relevant to its services, operations, and compliance. The five available criteria are security, availability, processing integrity, confidentiality, and privacy.
Service Organizations Examined:
- Rillion Inc – Service Rillion Prime US
- Rillion AB – Service Rillion Prime EMEA
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.
Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance. Other entities, such as subcontractors and any other related business associates, must also be in compliance.

GDPR
CCPA
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. This law secures privacy rights for California consumers. All Rillion entities comply with the CCPA.