Fastly believes in providing the right security for its customers and regularly measuring our security program. We maintain audits and supporting documentation for the following regulatory and audit standards.

SOC 2 Type 2: Fastly is audited against the Trust Service Criteria for Security and Availability as established by the AICPA.  

GDPR:  Fastly is audited against key articles of the General Data Protection Regulation, mapped to data protection and privacy controls for Fastly as a data processor. 

PCI DSS: Fastly’s PCI-compliant caching product allows customers to configure their services in accordance with our Payment Card Industry Data Security Standard (PCI DSS) attestation of compliance as a Level 1 Service Provider. 

HIPAA:  Fastly’s HIPAA-compliant caching product allows customers to configure their services to meet relevant sections of the Security and Privacy Rules of the Healthcare Insurance Portability and Accessibility Act (HIPAA). Fastly performs an annual audit against these requirements.   

If you are a Fastly customer, you can request these audit reports via your customer success point of contact.