Why Security Reviews Stall Claude Deployments

Security review is the number one blocker preventing enterprise organizations from deploying Claude. The cause is not compliance concerns specifically, but the lack of clarity about what security means in the context of Claude.

Your CISO asks: "Where is the data stored?" Your CTO asks: "Can we control prompt logging?" Your Legal team asks: "What training data includes our industry?" Your Compliance Officer asks: "Is there a DPA?" And your InfoSec team asks: "What are the authentication options?"

These are all legitimate questions. But they're asked in isolation, without a coherent framework. Nobody knows whether they're asking about API deployments, Claude.ai Enterprise, Claude through a partner, or on-premise solutions. Nobody has a single reference document that maps these concerns to actual, verifiable answers.

The result: reviews drag from weeks into months. Stakeholders disagree on what "approved" means. Security leadership says "prove it," and nobody has the proof organized in one place.

This checklist solves that problem. It's organized by the 47 security questions that matter most. It maps each question to the evidence you'll need. And it tells you which answers are within your control, which are Anthropic's responsibility, and which require negotiation.

Data Classification and Handling: What Goes Into Claude

Everything starts here. If your organization cannot articulate what data will be sent to Claude, you cannot secure the deployment. Conversely, if you can clearly classify what data is safe, your security review becomes dramatically simpler.

The first decision is whether your data is truly sensitive. Many organizations assume all internal data is sensitive. But the truth is more nuanced. Here's the framework:

  • Public data: Marketing copy, public documentation, non-confidential process descriptions. Safe for Claude in almost all deployment models.
  • Internal data (non-sensitive): General business processes, team rosters, organizational structure, non-confidential meeting notes. Generally safe with controls.
  • Confidential data: Strategy documents, financial results, customer counts, business metrics, contracts. Requires API-level controls and data handling agreements.
  • Sensitive regulated data: PII, PHI, payment card data, trade secrets. Requires explicit contracts, audit rights, and technical controls.

Once you've classified your data, ask Anthropic these specific questions:

  • When we send data to Claude, where is it processed geographically?
  • Is it encrypted in transit and at rest?
  • How long is it retained before deletion?
  • Is it used to improve models by default, or can we opt out?
  • If we opt out, is that contractually guaranteed?
  • Can we request data deletion for specific conversations?
  • What's your data incident response process if our data is breached?

Document every answer. If they can't answer, escalate to their Account Team. If the Account Team can't answer, that's a red flag — it means the deployment method you're considering may not fit your data sensitivity.

Authentication, Access Controls, and SSO Integration

How your employees access Claude directly impacts your security posture. Claude.ai Enterprise uses SAML 2.0 and integrates with Okta, Azure AD, and other identity providers. The Claude API doesn't manage user authentication — your application does.

For Claude.ai Enterprise, verify:

  • Does your IdP (Okta, Azure AD, etc.) integrate without custom code?
  • Can you enforce multi-factor authentication (MFA) at the SSO level?
  • Are session timeouts configurable? What's the default?
  • Can you see login attempts and failed authentications?
  • Can you revoke access immediately by removing the user from your directory?
  • Does Anthropic provide audit logs of who accessed what conversations?
  • Can you restrict Claude.ai access by IP address or VPN?

For API deployments, you control authentication entirely. But you must ensure:

  • API keys are rotated at least every 90 days.
  • Keys are never stored in source code — use environment variables or secrets management tools.
  • Key access is logged and audited.
  • You have a revocation process if a key is compromised.

Most security reviews fail here because organizations don't understand the difference. Claude.ai Enterprise is a SaaS application; you inherit Anthropic's auth infrastructure. Claude API is a tool you integrate; you own the auth responsibility.
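
The API-side requirements above (90-day rotation, no keys in source code, logged key access) can be checked mechanically. The following is an added example, not code from the original page or from Anthropic; the `sk-ant-` key-prefix pattern, the inventory field names and all sample data are assumptions constructed for illustration.

```python
import re
from datetime import date

MAX_KEY_AGE_DAYS = 90  # rotation interval from the checklist above
# Assumption: keys carry the "sk-ant-" prefix; widen the pattern for other credentials.
KEY_LITERAL = re.compile(r"sk-ant-[A-Za-z0-9_-]{16,}")


def find_hardcoded_keys(files):
    """Return sorted (path, line_number) pairs where a key literal appears in source."""
    hits = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            if KEY_LITERAL.search(line):
                hits.append((path, lineno))
    return sorted(hits)


def rotation_findings(inventory, today):
    """Map key name -> list of problems (overdue rotation, missing access logging)."""
    findings = {}
    for name, meta in inventory.items():
        problems = []
        age = (today - meta["created"]).days
        if age > MAX_KEY_AGE_DAYS:
            problems.append(f"rotate: {age} days old")
        if not meta["access_logged"]:
            problems.append("no access logging")
        if problems:
            findings[name] = problems
    return findings


# Constructed sample input: two source files and a two-key inventory (hypothetical names).
SAMPLE_FILES = {
    "app/client.py": 'import os\nAPI_KEY = os.environ["ANTHROPIC_API_KEY"]\n',
    "scripts/debug.py": '# quick test\nAPI_KEY = "sk-ant-EXAMPLE0000000000000000"\n',
}
SAMPLE_INVENTORY = {
    "prod-backend": {"created": date(2024, 1, 10), "access_logged": True},
    "ci-pipeline": {"created": date(2024, 4, 1), "access_logged": False},
}

if __name__ == "__main__":
    print(find_hardcoded_keys(SAMPLE_FILES))
    print(rotation_findings(SAMPLE_INVENTORY, today=date(2024, 5, 1)))
```

Any key the scanner finds in source should be treated as compromised and put through the revocation process, not just moved to an environment variable.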

Data Residency, Retention, and Deletion Policies

This section covers three separate concerns, but they're deeply related.

Residency: Where is your data processed and stored? If your organization operates in the EU or has GDPR obligations, this matters critically. Ask Anthropic:

  • Are EU conversations processed in EU data centers only?
  • Can you guarantee no data transfer outside the EU?
  • If not, what's the legal mechanism (Standard Contractual Clauses, etc.)?

Retention: Once a conversation ends or a prompt is processed, when does Anthropic delete it? Default retention is typically 30 days for API calls and follows Claude.ai Enterprise settings for the SaaS version. But you can negotiate:

  • Can we request immediate deletion after each API call?
  • Is there a "no retention" option for sensitive conversations?
  • What happens to conversation data if we delete an account?
  • How is deletion verified — can we audit it?

Deletion: When you ask for data deletion, how quickly does it happen, and can you verify it? This is critical for GDPR Data Subject Access Requests (DSARs) and CCPA compliance. Establish:

  • The SLA for data deletion requests (typically 5-10 business days).
  • The process for bulk deletion of conversations.
  • How Anthropic certifies deletion to you (audit trail, letter of completion).
  • Backup and disaster recovery implications (is deleted data kept for DR?).

Vendor Security Assessment: What Anthropic Provides

Your security team will ask: "Who is Anthropic? What's their security track record? Can they actually protect our data?"

Here's what you can expect to receive from Anthropic during vendor assessment:

  • SOC2 Type II audit report: Provides evidence of controls over security, availability, integrity, and confidentiality. Request this early — it's the foundation of vendor due diligence.
  • Data Processing Addendum (DPA): If you process personal data, you need a DPA in place before sending any data to Claude. This document outlines data processor obligations under GDPR and CCPA.
  • Business Associate Agreement (BAA): If you handle PHI (HIPAA), you need a BAA. This is separate from the DPA and specific to healthcare data.
  • Penetration testing results: Some organizations request third-party pen test results. Anthropic may provide summaries but typically doesn't share full reports externally.
  • Vendor security questionnaire responses: Your security team probably uses a standard template (CAIQ, Vanta, etc.). Anthropic has completed these — request their responses.
  • Incident response procedures: How does Anthropic respond if there's a data breach? What's their timeline for notification? What liability do they accept?
  • Encryption specifications: TLS 1.3 in transit, AES-256 at rest. Request specifics on algorithm selection, key management, and certificate practices.

Organize this evidence as you gather it. Build a "vendor security dossier" in shared storage. This becomes your central reference when your CISO asks about any aspect of Anthropic's security posture.

The 47-Point Security Checklist

This is the comprehensive framework your team will work through. It's organized into six categories: Vendor Security (15 items), Data Handling (12 items), Access Control (10 items), Compliance (5 items), Incident Response (3 items), and Contract Terms (2 items).

VENDOR SECURITY (15 items)

  1. Anthropic has completed SOC2 Type II certification.
  2. SOC2 report covers security, availability, integrity, and confidentiality controls.
  3. SOC2 audit is current (within last 12 months).
  4. Anthropic provides a Data Processing Addendum (DPA) for GDPR/CCPA.
  5. Anthropic provides a Business Associate Agreement (BAA) for HIPAA deployments.
  6. Third-party penetration tests have been completed in the last 12 months.
  7. Anthropic publishes a security and privacy white paper.
  8. Encrypted communication is enforced (TLS 1.3 minimum).
  9. Data at rest is encrypted (AES-256 minimum).
  10. Encryption keys are managed by Anthropic, not customer-managed.
  11. Anthropic completes vendor security questionnaires (CAIQ, Vanta, etc.).
  12. Incident response procedures are documented and available.
  13. Breach notification timeline is contractually defined (typically 30 days).
  14. Anthropic accepts liability for data breaches up to a defined cap.
  15. Anthropic publishes a transparency report on government data requests.

DATA HANDLING (12 items)

  1. Data classification framework is defined (public, internal, confidential, sensitive).
  2. Data residency is specified by region (EU, US, etc.).
  3. Default data retention period is 30 days or less.
  4. Organizations can request data opt-out from model training.
  5. Data opt-out is contractually guaranteed.
  6. Data deletion requests are processed within a defined SLA (5-10 business days).
  7. Bulk deletion capability exists (for entire accounts or conversation sets).
  8. Deletion is audited and can be verified by the customer.
  9. Conversation data is not sold or shared with third parties without consent.
  10. Customer data is isolated from other customers' data.
  11. Data backups are tested and restore time is defined.
  12. Disaster recovery procedures are documented and tested quarterly.

ACCESS CONTROL (10 items)

  1. SSO integration is available (SAML 2.0 minimum).
  2. Okta integration works without custom code.
  3. Azure AD integration works without custom code.
  4. Multi-factor authentication (MFA) is enforced at the IdP level.
  5. Session timeouts are configurable (default 8-24 hours).
  6. Failed login attempts are logged and auditable.
  7. User removal from directory immediately revokes access.
  8. Conversation audit logs show who accessed what and when.
  9. IP address restrictions can be enforced.
  10. API keys can be rotated and revoked immediately.

COMPLIANCE (5 items)

  1. GDPR compliance statement is provided.
  2. HIPAA BAA is available (if handling PHI).
  3. CCPA compliance framework is documented.
  4. Data Subject Access Request (DSAR) process is defined with timelines.
  5. Third-party audit rights are contractually granted.

INCIDENT RESPONSE (3 items)

  1. Incident response plan is documented and tested.
  2. Breach notification to customers occurs within 30 days.
  3. Anthropic maintains cyber liability insurance.

CONTRACT TERMS (2 items)

  1. Service Level Agreement (SLA) defines uptime guarantees.
  2. Contract includes indemnification for IP infringement and data breaches.

Score your deployment: aim for 45+ items confirmed before pilot deployment. If 10+ items cannot be confirmed, escalate to your Anthropic Account Team before proceeding.

Organizing Your Security Review Process

Don't approach this checklist as a linear document. Instead, organize your review around the stakeholders who need to sign off:

  • CISO/Security Director: Owns items 1-15 (vendor security). They need the SOC2 report and DPA before anything else.
  • Compliance Officer: Owns items 38-44 (compliance and incident response). They need DPA, BAA, and audit rights defined.
  • Data Officer/Privacy Officer: Owns items 16-27 (data handling). They need to understand residency, retention, deletion, and training opt-out.
  • Infrastructure/IT Security: Owns items 28-36 (access control). They need to validate SSO integration and audit capabilities.
  • Legal/Procurement: Owns items 46-47 (contract). They need to review SLA and indemnification language.

Create a shared document (Google Sheets, Notion, etc.) with columns for: Item, Responsible Stakeholder, Evidence Required, Status (Not Started / In Progress / Complete), Evidence Link, Notes. Assign one stakeholder to drive each section. Set deadline targets: typically 2-3 weeks per section.
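
The tracker described above, combined with the scoring rule from the checklist, can be generated rather than typed by hand. This is an added example, not part of the original page; it assumes the 47 items are numbered consecutively across the six categories in the order listed, and that an item counts as confirmed only when it is Complete and has an evidence link.

```python
# Category sizes as stated in the checklist, in order.
CATEGORIES = [("Vendor Security", 15), ("Data Handling", 12), ("Access Control", 10),
              ("Compliance", 5), ("Incident Response", 3), ("Contract Terms", 2)]
# Owner ranges exactly as listed in the stakeholder section (global item numbers).
OWNERS = {
    "CISO/Security Director": (1, 15),
    "Data Officer/Privacy Officer": (16, 27),
    "Infrastructure/IT Security": (28, 36),
    "Compliance Officer": (38, 44),
    "Legal/Procurement": (46, 47),
}


def build_tracker():
    """One row per checklist item, numbered 1..47 across categories."""
    rows, item = [], 0
    for category, size in CATEGORIES:
        for local in range(1, size + 1):
            item += 1
            owner = next((o for o, (lo, hi) in OWNERS.items() if lo <= item <= hi), None)
            rows.append({"item": item, "category": category, "local": local,
                         "owner": owner, "status": "Not Started", "evidence_link": ""})
    return rows


def unowned_items(rows):
    """Global item numbers that fall outside every stakeholder's range."""
    return [r["item"] for r in rows if r["owner"] is None]


def decision(rows):
    """Apply the scoring rule: 45+ confirmed to pilot, 10+ unconfirmed to escalate."""
    confirmed = sum(r["status"] == "Complete" and bool(r["evidence_link"]) for r in rows)
    if confirmed >= 45:
        return "ready for pilot"
    if len(rows) - confirmed >= 10:
        return "escalate to account team"
    return "continue review"


if __name__ == "__main__":
    tracker = build_tracker()
    print(len(tracker), unowned_items(tracker), decision(tracker))
```

With the ranges as listed, `unowned_items` returns items 37 and 45, so assign those two to a stakeholder explicitly when you set up the sheet.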

Schedule weekly security review sync calls. Don't wait until everything is "done" to discuss — early escalation prevents surprises at the final review.

Common Security Review Gaps and How to Avoid Them

We've helped 80+ organizations through Claude security reviews. Here are the patterns that cause delays:

Gap 1: No clear data classification. Security reviews stall because nobody agrees on what data is "safe" for Claude. Resolve this before security review: draft a one-page data classification policy and have your Legal, Compliance, and CISO teams co-sign it. This becomes your north star for the entire review.

Gap 2: Waiting for "perfect" SOC2. Some organizations demand a recent SOC2 Type II audit before moving forward. Anthropic's audit is current, but that doesn't mean every edge case is covered for your use case. Instead, use SOC2 as a foundation (not a veto), and layer your own controls assessment on top.

Gap 3: Conflating API and SaaS security requirements. If you're deploying Claude API, you own authentication and access control entirely. Asking Anthropic "how do you enforce MFA" doesn't apply — you implement MFA. If you're deploying Claude.ai Enterprise, you inherit Anthropic's auth infrastructure. Don't confuse the two.

Gap 4: No incident response plan. Security teams review vendor security, but they don't plan for incidents. Before deployment, draft: "If Claude is compromised, what's our response timeline? Who do we notify? How do we quarantine data?" This isn't Anthropic's job — it's yours.

Gap 5: Missing audit rights in contract. Your compliance and audit teams need contractual rights to verify Anthropic's controls. Make sure your DPA or MSA explicitly grants audit rights. If Anthropic doesn't provide audit access, escalate this early.

After the Checklist: Ongoing Security Operations

Once you've completed this checklist and received security approval, your work isn't done. Establish ongoing security operations for Claude:

  • Quarterly compliance reviews: Check that you're still meeting contractual obligations (data retention, opt-out, audit rights).
  • Annual vendor re-assessment: Update SOC2 report, confirm changes to DPA or incident response procedures, refresh vendor questionnaire responses.
  • Incident response drills: Practice your data breach response plan involving Claude at least twice per year.
  • Access control audits: Monthly review of who has Claude access, when they accessed it, and whether access is still justified.
  • Data handling audits: Spot-check that teams are classifying data correctly and not sending sensitive data to Claude without authorization.

This ongoing discipline prevents security drift and makes future security reviews faster.