Neo4j Is Now SOC2 Type 2 Compliant

At Neo4j, we continually invest in security best practices to ensure that our client’s data stays safe and secure. As a part of our ongoing effort, we are excited to announce that we’ve successfully completed our SOC 2 Type 2 report, which now extends across all our Cloud Service Providers for 2024 and has additionally achieved compliance with the Health Insurance Portability and Accountability Act (HIPAA) requirements.

SOC2 Type 2 attests that our information security policies, procedures, and controls meet the SOC2 security standard data management and security requirements. The certification is granted by an independent third-party auditor, who performs an in-depth evaluation of the service provider’s security controls and policies.

As of February 2024, Neo4j’s compliance with requirements of the HIPAA Security Standards for the Protection of Electronic Protected Health Information and the Notification in the Case of Breach of Unsecured Protected Health Information enacted as part of the American Recovery and Reinvestment Act of 2009 has been audited by an independent audit firm and found to be designed and implemented. Our HIPAA Type 1 Attestation report provides reasonable assurance that the applicable HIPAA and HITECH requirements are being met.

For enterprise organizations, this means they can trust Neo4j to manage their critical data and infrastructure, knowing that we’ve taken the necessary steps to protect their information.

SOC2 Type 2 Brings 3 Major Benefits to Enterprise Organizations

  1. There are many benefits that SOC2 Type 2 compliance brings to enterprise organizations. First and foremost, it assures that their data is being managed in a secure and compliant manner. This is particularly important for companies that handle sensitive or regulated data, such as healthcare or financial data.

  2. SOC2 Type 2 compliance demonstrates that Neo4j has implemented robust security controls and processes to protect customers’ data. This includes measures such as access controls, data encryption, and regular security audits and testing.

  3. SOC2 Type 2 compliance is an important factor in maintaining customer trust and confidence. With data breaches and cyber-attacks becoming increasingly common, enterprise organizations must work with service providers who take security and compliance seriously. In achieving SOC2 Type 2 compliance, Neo4j is demonstrating its commitment to protecting our customers’ data and ensuring the highest levels of security and compliance.

Learn more about Neo4j Aura’s security controls and features, including both Aura data security and Neo4j’s stringent security policies and practices that keep your data safe at