Certifications and Security Standards ǀ Rillion

SOC 1

A SOC 1 Report (System and Organization Controls Report) is a report on controls at a service organization which are relevant to user entities’ internal control over financial reporting. The service organization (with the assistance of the auditors) determines what the key control objectives are for the services they provide to their clients. Control objectives are related to both information technology processes and business processes at the service organization.

Organization Examined:

Rillion Inc – Service Rillion Prime US

SOC 2

A SOC 2 report also falls under the SSAE 18 standard, though it is specifically addressed in sections AT-C 105 and AT-C 205. The SOC 2 report includes a service organization’s controls that are outlined by the AICPA’s Trust Services Criteria (TSC) that are relevant to its services, operations, and compliance. There are five available criteria that include security, availability, processing integrity, confidentiality, and privacy.

Service Organizations Examined:

Rillion Inc – Service Rillion Prime US
Rillion AB – Service Rillion Prime EMEA

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.

Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance. Other entities, such as subcontractors and any other related business associates must also be in compliance.

GDPR

GDPR is a set of rules that protect individuals’ privacy. The legislation regulates the processing of EU residents’ and citizens’ personal data, including collection, use, transfer, monitoring, tracking, and even viewing of personal data. It went into effect on May 25, 2018. Data subjects, as individuals are called in GDPR, have more rights to control their data. All Rillion entities comply to GDPR.

CCPA

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. This law secures privacy rights for California consumers. All Rillion entities comply to CCPA.

Interesting Readings

See all articles

Back to Trust Center Start page

AP Automation for your
peace of mind- we got this.

Schedule a Consultation

Contact us

North American HQ

Rillion Inc.
330 North Wabash Avenue, 23rd Floor
Chicago, IL 60611
Contact us

Swedish HQ

Rillion AB
Box 7025
103 86 Stockholm

Find local Rillion office

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Name	Provider	Purpose	Expiration
_GRECAPTCHA	www.google.com	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.	5 months 27 days
nitroCachedPage	www.rillion.com	This cookie is set by the NitroPack cache plugin to provide load-balancing functionality.	session
wp-wpml_current_language	www.rillion.com	This cookie is set by the WPML plugin to store the current language.	session

3rd Party Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. Read more about Google Privacy and Terms. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. Act-On Beacon Tracking collects behavioral data on the website and form fills.

Name	Provider	Purpose	Expiration
CONSENT	.youtube.com	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.	2 years
_gcl_au	.rillion.com	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.	3 months
_ga	.rillion.com	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years
_gid	.rillion.com	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day
_gat_UA-227155837-1	.rillion.com	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute
_ga_XZPJW5Z9YM	.rillion.com	This cookie is installed by Google Analytics.	2 years
_ga_D7QJ3XWQ0N	.rillion.com	This cookie is installed by Google Analytics.	2 years
_gaexp	.rillion.com	Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.	2 months 7 days 13 hours 22 minutes
_hjFirstSeen	.rillion.com	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.	30 minutes
_hjIncludedInSessionSample	www.rillion.com	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.	2 minutes
_hjIncludedInPageviewSample	www.rillion.com	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.	2 minutes
_hjAbsoluteSessionInProgress	.rillion.com	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.	30 minutes
_uetsid	.rillion.com	Bing Ads sets this cookie to engage with a user that has previously visited the website.	1 day
_uetvid	.rillion.com	Bing Ads sets this cookie to engage with a user that has previously visited the website.	1 year 24 days
AnalyticsSyncHistory	.linkedin.com	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.	1 month
UserMatchHistory	.linkedin.com	LinkedIn sets this cookie for LinkedIn Ads ID syncing.	1 month
lang	.ads.linkedin.com	LinkedIn sets this cookie to remember a user's language setting.	session
bcookie	.linkedin.com	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.	1 year
lidc	.linkedin.com	LinkedIn sets the lidc cookie to facilitate data center selection.	1 day
bscookie	.www.linkedin.com	LinkedIn sets this cookie to store performed actions on the website.	1 year
li_gc	.linkedin.com	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.	5 months 27 days

Certifications and Security Standards

SOC 1

SOC 2

HIPAA

Interesting Readings

Solutions

Customers

The company

Contact us