Supabase is now HIPAA and SOC2 Type 2 compliant

Supabase has announced that it has achieved HIPAA and SOC2 Type 2 compliance. The company received its Type 2 certification on May 22nd and plans to conduct annual audits to maintain compliance. The process involved gathering evidence and developing new processes to ensure all information was readily available. Supabase is considered a business associate and has signed agreements with vendors to protect PHI. Customers handling PHI are encouraged to self-host Supabase to maintain compliance. Users who sign a BAA with Supabase also have responsibilities to ensure PHI is stored securely.