----------------------------- **While I generate an answer, here are some sources that might be helpful**: * [SOC-2 Compliance]() * [On-Prem Deployments]() * [Prompting Guide]() * [HIPAA Compliance and Voices]() -----------------------------

### Answer Vapi complies with SOC-2 standards, which is a framework for managing data to ensure its security, availability, processing integrity, and confidentiality. SOC-2 compliance demonstrates that Vapi adheres to rigorous standards to protect your data and ultimately your privacy and security [(1)]() . As for other standards, the available documentation does not specify additional compliance frameworks that Vapi adheres to beyond SOC-2. If you require information on other specific compliance standards or further details, checking directly with Vapi's support might provide definitive answers. : [SOC-2 Compliance]()

@ruMblE SOC, or Service Organization Control, refers to a suite of reports produced during an audit that measures how a company handles data. SOC compliance ensures that a company manages data securely and in a way that protects the organization and the privacy of its clients. In addition to being SOC compliant, VAPI also adheres to GDPR, which is the General Data Protection Regulation protecting privacy and personal data for individuals within the European Union, and HIPAA, which is the Health Insurance Portability and Accountability Act ensuring the protection of sensitive patient health information in the United States. For more detailed information on our compliance standards, you can visit our security page at https://security.vapi.ai/.