Brightflag's approach
to compliance

We maintain a range of industry-standard certifications and authorizations to help you meet compliance requirements through our solutions.

ISO 27001:2013

Implementing, maintaining, and improving information security management.

SOC 1 Type II

Evaluating the effect of our controls on customers' financial statements.

SOC 2 Type II

Evaluating the security, availability, and processing integrity of our systems.


We serve customers in the highly-regulated healthcare and insurance industries.


We comply with the GDPR and support customers with their own compliance efforts.

Sarbanes–Oxley (SOX)

We help ensure that controls are in place and generating evidence for auditors.