Compliance built for regulated industries
Lakehouse meets the most stringent compliance requirements across healthcare, financial services, government, and more. Access our compliance documentation, and compliance documentation.
Industry-standard compliance
Our compliance standards demonstrate our commitment to maintaining the highest levels of security, privacy, and operational excellence.
SOC 2
Compliant with security, availability, processing integrity, confidentiality, and privacy controls.
Available Documents
- SOC 2 Compliance StatementAvailable upon request
HIPAA
Health Insurance Portability and Accountability Act compliance for healthcare data protection.
Available Documents
- HIPAA Compliance StatementAvailable upon request
- Business Associate AgreementAvailable for enterprise
GDPR
Full compliance with European Union General Data Protection Regulation requirements.
Available Documents
- Data Processing AgreementAvailable upon request
- Standard Contractual ClausesAvailable upon request
- GDPR Compliance StatementPublic
ISO 27001
Compliant with international standard for information security management systems (ISMS).
Available Documents
- ISO 27001 Compliance StatementAvailable upon request
Compliance for your industry
We understand that different industries have unique compliance requirements. Lakehouse is designed to meet the specific needs of regulated sectors.
Healthcare
Comprehensive healthcare compliance with signed BAAs, audit controls, and secure PHI handling.
- Business Associate Agreement (BAA)
- PHI encryption at rest and in transit
- Access logging and audit trails
- Minimum necessary access controls
Financial Services
Financial data protection with rigorous access controls and audit capabilities.
- SOX-compliant audit trails
- Role-based access controls
- Data retention policies
- Encryption standards compliance
Government
Government-grade security controls with data residency options.
- FedRAMP authorization (in progress)
- US data residency available
- FIPS 140-2 encryption modules
- Continuous monitoring
Legal
Legal industry compliance with privilege protection and matter management.
- Attorney-client privilege protection
- Legal hold capabilities
- Chain of custody documentation
- Secure external sharing
Compliance documentation
Access our library of compliance documents, statements, and legal agreements. Some documents require an NDA or are available only to enterprise customers.
Security & Privacy
- Upon request
SOC 2 Compliance Statement
Security compliance overview
- Public
Privacy Policy
Data collection and usage practices
- Upon request
Security Whitepaper
Technical security architecture
Legal & Contracts
- Upon request
Data Processing Agreement (DPA)
GDPR-compliant data processing terms
- Upon request
Standard Contractual Clauses
EU data transfer mechanisms
- Enterprise only
Business Associate Agreement
HIPAA BAA for healthcare customers
- Public
Terms of Service
Service usage terms
Compliance Statements
- Upon request
ISO 27001 Compliance Statement
ISMS compliance overview
- Upon request
HIPAA Compliance Statement
Healthcare compliance attestation
- Public
GDPR Compliance Statement
EU compliance documentation
Data Processing Agreement
Our Data Processing Agreement (DPA) outlines how we process personal data on your behalf, ensuring compliance with GDPR and other data protection regulations. The DPA includes:
- Standard Contractual Clauses (SCCs) for international transfers
- Technical and organizational security measures
- Sub-processor list and notification procedures
- Data subject rights handling procedures
- Incident notification timelines
Audit Reports
Current and prospective customers can request access to our audit reports and compliance documentation.
SOC 2 Compliance Statement
Security compliance overview and controls
ISO 27001 Compliance Statement
ISMS compliance overview
Security Architecture Overview
Technical security documentation
Need custom compliance support?
Our compliance team can help with your specific requirements.