Business compliance

Are you mandated by a governing agency?

Allow IDrive to assist your organization in complying with the regulations governing your industry.

What is motivating your disaster recovery plan?

Many businesses now face federal and governing agency mandates that require meticulous backup records for electronic transactions. Industry-specific regulations emphasize confidentiality, portability, and financial record preservation, forcing organizations to implement processes that support data backup and recovery objectives.

IDrive complies with SOC 2 Type 2 and ensures highest standards of security and confidentiality for your data. IDrive assists companies within the medical, accounting, and legal professions in their effort to comply with the regulatory norms of GDPR, PCI, HIPAA, SOX, GLBA, and SEC/FINRA, and other security standards.


IDrive assists your company in meeting compliance mandate by providing:

  • Secure data transfer/storage using 256-bit AES encryption
  • Encrypted data storage to prevent tampering, alterations, and unauthorized access
  • Date and time-stamped data access by each user
  • 24/7 data access via any broadband connection


  • IDrive cloud backup offers the choice of employing private encryption which is known only to the user and not stored on IDrive servers, in addition to default encryption. Explore the distinction between private and default encryption here.
  • Google Workspace Backup and Microsoft Office 365 Backup employ industry-standard default encryption protocols to ensure secure data storage.

IDrive complies with industry and government standards and regulations

  1. SOC 2 Type 2

    IDrive has proudly achieved SOC 2 Type 2 certification through a rigorous evaluation conducted by an independent third-party auditing firm. This certification validates that our cloud backup and storage solutions, as well as our policies and procedures, adhere to industry-leading standards for safeguarding customer data and account information. To obtain a copy of the SOC 2 Type 2 report, eligible customers, partners, and prospects are encouraged to reach out to IDrive Support. Your trust in our commitment to best practices is our priority.

  2. GDPR

    The General Data Protection Regulation (GDPR) is a European Union regulation that is aimed at protecting the personal data of EU citizens. IDrive employs the best practices and technologies to ensure the highest standards of data security and privacy of personal data.

    Know more
  3. PCI

    Businesses that handle cardholder information are required to comply with the Payment Card Industry Data Security Standard. IDrive is PCI compliant and does not directly store credit card or financial data; we use third-party vendors to store and manage cardholder data and conduct online transactions.

  4. HIPAA

    The Health Insurance Portability and Accountability Act (HIPAA), provides directives on administrative, physical, and technical safeguards for patient data and records. The security and privacy measures implemented by IDrive assist businesses in the healthcare domain to meet HIPAA compliance.

    Know more
  5. SOX

    Sarbanes-Oxley (SOX) Act mandates the retention of electronic records, messaging, and financial transactions. IDrive assists businesses in complying with SOX requirements, providing support for the secure retention of crucial electronic data.

    Know more
  6. GLBA

    Gramm-Leach-Bliley Act safeguards consumer private information at various financial institutions. IDrive aids financial institutions in complying with the Gramm-Leach-Bliley Act, ensuring the secure protection of consumer data.

    Know more

    The Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA) mandate secure, long-term storage solutions for financial records and electronic communications. IDrive helps financial institutions meet these compliance requirements.

    Know more
  8. CJIS

    The CJIS Security Policy provides appropriate controls to protect the full lifecycle of CJI, whether at rest or in transit. IDrive Inc. provides critical data security protection without compromising privacy and can help customers comply with the guidelines for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI.

    Know more
  9. FERPA

    FERPA grants parents and eligible students the right to access, amend, and control the disclosure of personal information contained in these records. IDrive Inc. provides adequate security measures and controls to ensure customers meet the FERPA requirements.

    Know more
Business Associate Agreement

IDrive's Business Associate Agreement is in accordance with federal government standards. This agreement is available on request to IDrive Business, Team, and Enterprise users who opt for Private key encryption. IDrive Cloud-to-Cloud backup users and Bulk Resellers can also place a request.

Fill up the form to place your request for IDrive's business associate agreement.

  • Associate details
  • Mailing address
  • Verification