Information Security and Compliance
Our customers trust us with their data, and we’re committed to enforcing all safeguards needed to protect your information.




A High Bar for Privacy and Security
We’re dedicated to protecting the security of your data with robust safeguards in place governing the infrastructure, data encryption and partners with independent security consulting firms for penetration testing and vulnerability assessments.

Under the California Consumer Privacy Act (CCPA), any California consumer can request to view all information a company has saved on them along with a full list of all third parties that data is shared with. If privacy guidelines are violated, even if there is no breach, consumers have the right to sue the company. hireEZ values consumer trust and is CCPA compliant.
Learn more about CCPA--->
The GDPR is the latest data protection directive for businesses to protect the privacy of EU citizens with enhanced security provisions. hireEZ is GDPR compliant.
Learn more about GDPR--->
The SOC 2 Type 2 reports concern policies and procedures over a specified time period. For this more rigorous designation, systems must be evaluated for a minimum of six months. hireEZ’s procedures and controls have been third-party audited to validate our success in ensuring the security, availability, processing integrity and confidentiality of our customer’s information.
Learn more about SOC 2 Type 2 certified--->
Like SOC 2, the SOC 3 report has been developed based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) Trust Service Criteria (TSC). The SOC 3 is a public report of internal controls over security, availability, processing integrity, and confidentiality.
Learn more about SOC 3--->
The Privacy Shield Framework, approved by the European Union (EU) and US Government, is a recognized mechanism for complying with EU data protection requirements when transferring personal data from the European Economic Area (EEA) to the United States. Organizations participating in the Framework are deemed to provide “adequate” privacy protection of data, as required under the EU Data Protection Directive and the General Data Protection Regulation (GDPR). hireEZ is aware of the Schrems II decision. In lieu of the Schrems II decision, hireEZ relies on the Standard Contractual Clauses (SCCs) from the GDPR incorporated into its Data Processing Addendums for any data transfers from the EEA to the U.S.
Learn more about EU-US Privacy Shield certified--->
The Office of Federal Contract Compliance (OFCCP) is a federal government organization that is responsible for ensuring that the companies working with the government are in compliance with fair employment practices. hireEZ supports record keeping standards established by OFCCP as required by our customers who are subject to this compliance. hireEZ helps the customers with their OFCCP audit by providing diversity reports that allows recruiters to gain analytical insights to their candidate pipelines. These reports provide a breakdown on the search by gender and ethnicity for candidates that they've taken an action on or engaged with on hireEZ's platform. These diversity reports from hireEZ can help a team's good faith diversity efforts in the case of an OFCCP audit, by allowing them to track and demonstrate the number of diversity searches performed and the ratio of underrepresented candidates in their pipeline.
Learn more about OFCCP--->Designed to Protect You
Data Center Security
Learn more about Amazon security:
SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)



SOC 2

SOC 3

FISMA, DIACAP, and FedRAMP



DOD CSM Levels 1-5
PCI DSS Level 1

ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018




ITAR

FIPS 140-2

MTCS Level 3

HITRUST


Penetration Testing and Vulnerability Assessments

Encrypted Data at Rest

Encrypt Data in Transit

Customer Data Retention and Destruction

Data Backups

Physical Security

Data Access Control Access

Secure Development Practices

Disaster Recovery and High Availability

