Compliance

Compliance by Design,
Not Afterthought

ASE provides the architectural building blocks that compliance requires. Self-verified today. Third-party audits underway.

Transparency Notice

ASE compliance controls are self-verified through extensive internal testing. Third-party SOC 2 Type II audit is in progress. We believe in showing our work, not hiding behind vague claims. See the test results →

Framework Readiness

HIPAA

Self-Verified

Health Insurance Portability and Accountability Act

PHI auto-redaction (844 patterns tested)
Access audit logging
Encryption at rest (AES-256)
Role-based access controls

SOC 2 Type II

In Progress

Service Organization Control

Security monitoring
Availability SLAs
Processing integrity
Confidentiality controls

PCI-DSS

Self-Verified

Payment Card Industry Data Security Standard

PAN detection & masking
Network segmentation
Encryption in transit (TLS 1.3)
Access control policies

Shared Responsibility Model

Compliance is a partnership. ASE provides the infrastructure; you configure it for your use case.

ASE Provides

You Configure

Tamper-evident audit trails

Define what events to log

PHI/PII auto-redaction

Configure redaction patterns for your data

Encryption at rest and in transit

Manage encryption keys (Enterprise)

Role-based access control framework

Define roles and permissions for your org

Compliance report generation

Review and submit reports to auditors

Built-In Security Controls

Encryption

AES-256 at rest, TLS 1.3 in transit

Audit Logging

Every access logged with tamper detection

PHI Redaction

844 patterns tested, 0% leakage

Retention

Configurable retention policies

Compliance Roadmap

Q1 2026— Self-verification complete, public test results

Q2 2026— SOC 2 Type II audit initiated

Q3 2026— SOC 2 Type II report available

Q4 2026— HITRUST certification process begins

Questions about compliance?

We're happy to discuss how ASE fits your regulatory requirements.

Compliance by Design,Not Afterthought