Compliance and Privacy Assurance

HIPAA

Cisco AppDynamics helps digital healthcare providers build exceptional end user experiences through high availability and application and business performance monitoring. Cisco AppDynamics is committed at all levels to the security of data entrusted to it by digital healthcare technology teams and has conducted a HIPAA self-assessment to ensure the best possible digital experience for healthcare providers and their own customers. In line with the HIPAA Security Rule, AppDynamics is not intended to process, store, transmit or otherwise access personal health information (PHI). In the event PHI is received, we are willing to sign Business Associate Agreements (BAAs) to facilitate the compliance of HIPAA for our customers. We have a comprehensive security program, as documented in our AppDynamics Trust Center. 

To request a signed BAA, please contact your account manager to begin the process.

SOC 2

AppDynamics’ privacy controls are examined at least once a year by a qualified and independent third-party auditor as part of AppDynamics’ SOC 2 Type II audit. Audit reports are available to customers upon request, as well as potential customers under NDA. We have received a SOC 2 attestation covering security, privacy, confidentiality, and availability since 2014.

Personnel Controls

All employees are required to undergo annual security training and must comply with Cisco’s Global Personal Data Protection and Privacy Policy and binding corporate rules.

GDPR

The GDPR reinforces existing data protection principles in the European Union (EU) and expands legal protections and privacy rights for EU citizens. A cross-functional effort between our privacy and product teams has led to many product enhancements designed to make it simple for our customers to use our products and SaaS service in compliance with GDPR. Learn more about AppDynamics' compliance with GDPR.

Privacy Policy

Our privacy policy reflects our commitment to protecting personal data. It provides details on the type of personal information we collect, how we store it, how we use it, and what rights individuals have and how to exercise them. Read our Privacy Policy.

Subprocessors

AppDynamics performs due diligence reviews of all third parties that support the delivery and availability of our products and services.  Prior to engaging third parties, we ensure that their information security program is reasonable and consistent with AppDynamics’ security and privacy obligations. Contractual agreements ensure sub-processing meets our high standards and applicable laws. Compliance reviews and re-assessments of third party suppliers is done regularly.

For specific information about sub-processors which process personal information in our products, please refer to the AppDynamics Privacy Data Sheets located on the Cisco Trust Portal.

Data Residency

We offer customers the ability to meet data residency requirements in multiple jurisdictions* including the EU, the United States, Australia, Singapore, South Africa, England, Hong Kong, India, and Brazil.

* Not all products are available in all locations.

International Data Transfers

AppDynamics complies with applicable law when international transfers of its customers’ personal data are made. Where a customer’s use of AppDynamics products and services requires the transfer of personal data to a location outside the European Economic Area, AppDynamics employs Standard Contractual Clauses (also commonly referred to as EU Model Clauses) as a legally recognized data transfer mechanism.