Compliance and Security

The Health Insurance Portability and Accountability Act of 1996 Title II (HIPAA) addresses safeguards to secure electronically protected health information (ePHI), including log management and audit requirements. Mezmo's systems and processes are fully compliant with HIPAA, and we are audited for HIPAA and HITECH compliance every year by a third-party qualified security assessor. For customers on our HIPAA-compliant logging plan, Mezmo will sign a Business Associate Agreement (BAA) and take on the associated legal liability of handling your sensitive data.

To ensure compliance, Mezmo provides a secure and convenient archiving service for logs older than the retention period of your Mezmo plan.Please contact your account manager or outreach@mezmo.com to request Mezmo's most recent report.

‍

Mezmo Inc. achieves ISO 27001:2013 Certification San Jose, CA – November 2, 2022 – Mezmo Inc., the industry leader in centralized log management today announced that it has received ISO 27001:2013 certification for its Information Security Management System (ISMS).

ISO 27001:2013 is an information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC). Mezmo Inc.’s certification was issued by A-lign, an independent and accredited certification body based in the United States on successful completion of a formal audit process. This certification is evidence that Mezmo Inc. has met rigorous international standards in ensuring the confidentiality, integrity, and availability of the defined scope.

‍

‍

Mezmo is committed to ensuring the highest level of privacy protection. As a General Data Protection Regulation (GDPR) compliant organization, Mezmo has standardized user data privacy across the EU nations, regardless of where the organizations themselves are located.

‍Learn more about Mezmo's approach to GDPR.

The SOC 2 Report demonstrates Mezmo's commitment to meeting the most rigorous security, availability, and confidentiality standards in the industry. It verifies that Mezmo's security controls are in accordance with the AICPA Trust Services Principles and Criteria.

Please contact your account manager or outreach@mezmo.com to request Mezmo's most recent report.

Mezmo has been audited by an independent PCI-DSS Qualified Security Assessor (QSA) and is certified as a PCI-DSS Level 1 Service Provider. This is the most stringent level of certification available in the payments industry.

Please contact your account manager or outreach@mezmo.com to request Mezmo's most recent report.

To comply with EU data protection requirements Mezmo complies with Data Privacy Framework (DPF). This enacts protections for the personal data of EU individuals when it is transferred to the United States.

‍Learn more about 's approach to DPF.

Learn more about Mezmo’s Active Participant Detail with DPF.

Mezmo complies with the California Consumer Privacy Act (CCPA) and supports our customers’ compliance with the CCPA. As a provider of enterprise log management tools, Mezmo is primarily a service provider under the CCPA. You can read more about Mezmo's commitment to compliance in our Privacy Policy.

‍Learn more about our approach to CCPA.

In accordance with the Digital Services Act, we have appointed a representative to handle compliance matters. You can contact our DSA representative at:

Name: Data Protection Representative Limited (trading as DataRep)
Postal Address: DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland
‍Email: digitalrequest@datarep.com
‍Telephone: +353 (1) 919 8899

‍

The Cloud Security Alliance (CSA) STAR Level 1 certification recognizes our commitment to cloud security best practices. This certification demonstrates that our organization adheres to the rigorous requirements of the CSA's Cloud Controls Matrix (CCM), which covers key areas such as data security, risk management, and compliance for cloud environments.

By achieving CSA STAR Level 1, we provide customers with assurance that we are committed to maintaining high standards of security and transparency in our cloud-based services.

Please view our listing here.