Security and Privacy at Rev
Download Rev’s information security and privacy program overview.
Our Security and Compliance Standards
Rev is committed to safeguarding our customers’ data. To demonstrate this commitment, Rev maintains compliance with a number of both internationally-recognized and industry-specific security and privacy standards, including:
SOC 2 Type II
Rev engages an independent, third-party auditor to perform an annual SOC2 Type II Attestation. Rev’s SOC2 Type II report includes details on the internal controls at Rev designed to protect the security and maintain the availability of our customer’s data. More information on Rev’s SOC2 Type II report can be found here.
GDPR
Rev’s services were built with privacy in mind, designed to make it easy for customers to comply with their privacy obligations. More information on how Rev complies with privacy regulations can be found in Rev’s Data Processing Addendum and Privacy Policy.
PCI
Rev maintains PCI compliance as a merchant for payment processing. All credit card payments are facilitated through a third party payment processor. Rev does not store credit card details, only an independent ID associated with the account handled by the payment processor.
Storage and Transmission
All customer data is encrypted both in transit and at rest. Data stored on Rev’s platform, as well as communication between Rev servers and our customers, is encrypted via industry best-practice standards (like TLS). TLS is also supported for encryption of emails.
Backup and Recovery
Rev backs up critical system data multiple times per day to prevent data loss or corruption. All Rev and customer data is hosted at Tier IV or III+, SSAE-18, PCI DSS, and/or ISO 27001 compliant facilities in the United States.
Availability and Access
Rev maintains a redundant infrastructure in case of emergency, with a goal of 99% uptime. All customer data is accessible to staff only to the extent necessary to perform the required work. Our Security Team is on call 24/7 to respond to security alerts and incidents.
Privacy
Employees
Rev employees are trained and restricted to handle only the data required to perform their job. Employees are trained on the proper use of our systems and best practices for security & privacy. All employees undergo background checks and have signed confident
Transcriptionists and Captioners
Revvers (our transcriptionists, captioners, etc.) are vetted through a rigorous screening process, including identity verification, and receive training. All Revvers have signed confidentiality agreements. While actively working on a file, Revvers are required to use our secure and proprietary tools, only accessible through a web-based portal.
Third Party Marketers
We do not share or sell information we collect to third party marketers.
Within Your Team
Rev is built to work for collaborative and disparate teams. With multi-user accounts, admins can choose to restrict access with intuitive sharing controls.