We’re excited to share an update with you. CAKE has achieved Type 2 Service Organization Controls (SOC 2) compliance. Additionally, we have also completed our California Consumer Privacy Act (CCPA) compliance-readiness strategy that’s aligned with the new regulation.
CAKE’s certification and ongoing efforts demonstrate the company’s continued commitment to protect client data and individual privacy. With these efforts, CAKE clients can be even more confident that controls and auditing procedures are in place to maintain security, availability, and confidentiality.
CAKE passed its Type 2 SOC 2 Audit as certified by the American Institute of Certified Public Accountants (AICPA), assuring its customers that CAKE has and will continue to handle our clients’ data with integrity and care.
SOC 2 is an audit designed to ensure service providers are properly managing their data, in the interest of both the organization and client. The audit reports on controls relevant to security, availability, processing integrity, confidentiality, and privacy. After completing Type 2 SOC 2, CAKE was confirmed as having the proper controls in place and recorded in order to confidently do business with our clients while protecting their data. The purpose of Type 2 SOC 2 is for auditors to take a snapshot of time and determine whether a service provider has enforced and properly monitored their controls.
Effective as of January 1, 2020, the CCPA is a state statute intended to protect the privacy rights of consumers residing in California. CAKE will extend the main principles of the CCPA, just as it did with Europe’s General Data Protection Regulation (GDPR) in 2018.