Compliance & Security Posture
We take the security of your research data seriously. Learn about our strict adherence to privacy standards and our compliance roadmap for enterprise organizations.
Organizational Compliance Roadmap
Our timeline for official security attestations
Enterprise-grade security is foundational to Bibby. While our infrastructure is built entirely on compliant systems, we are currently in the process of obtaining our own organizational security certifications.
Target Completion: Q3 2026
We are actively working towards full SOC 2 and HIPAA compliance. Our engineering and legal teams are undergoing the necessary audits to finalize our organizational attestation.
Cloud Infrastructure
We do not host our own data centers. Instead, our infrastructure is built on industry-leading, HIPAA-compliant and SOC 2-certified cloud providers (like AWS/GCP).
- Physically secured data centers
- Encrypted data at rest (AES-256) and in transit (TLS 1.3)
AI Processing Subprocessors
To deliver advanced intelligence, we utilize Gemini AI as a subprocessor. Gemini provides enterprise-grade AI models that are fully HIPAA compliant.
- Zero data retention for training models
- Secure, isolated API pipelines
Want to learn more about how we encrypt your data and protect your intellectual property?
View Data Security Details