Security and Compliance

SOC2 Type II Certification

SOC 2 Logo

Glean is SOC2 Type II certified, with no noted exceptions in our most recent aduit report.

Developed by the AICPA, SOC 2 Type II is an extensive auditing procedure that ensures a company is handling customer data securely and in a manner that protects the organization as well as the privacy of its customers. SOC 2 is designed for service providers storing customer data in the cloud.

HIPAA Compliant

With many members on our founding team coming from Flatiron Health, Glean has been built with extra consideration for healthcare organizations. We support Health Insurance Portability and Accountability Act (HIPAA) compliance and also sign Business Associate Agreements (BAAs). There is no extra charge in Glean for HIPAA compliance or BAAs.

Storing Data

Glean operates by issuing queries to user's existing data warehouses. We do not ingest and store the full underlying data of the tables.

To enable fast interactive data explorations, Glean caches aggregated query results within our infrastructure and in local browser sessions. Users can customize Glean’s cache usage (opens in a new tab) to meet specific performance or data freshness requirements.

Diagram of Glean's Technical Architecture

Have additional questions?- If more information is needed around our security procedures and/or you would like to request a review of our SOC2 report, please reach out to and we’d be happy to provide the necessary documentation.