How compliant is your disaster recovery plan?

Businesses of all sizes are mandated by federal and governing agencies to maintain records of all electronic business transactions. Furthermore, businesses are obligated to meet regulations related to confidentiality, industry portability, and preservation of financial records, pertaining to various industries. As a result, organizations have to adopt processes that help achieve data backup and recovery goals.

IDrive BMR complies with SOC 2 Type 2 and ensures highest standards of security and confidentiality for your data. IDrive BMR assists companies within the medical, accounting, and legal professions in their effort to comply with the regulatory norms of GDPR, PCI, HIPAA, SOX, GLBA, SEC/FINRA, and other security standards.

  • Secure data storage using AES 256 CCM/AES 256 GCM encryption; ensure data encryption during transfers
  • Encrypted data storage to prevent tampering, alterations, and unauthorized access
  • Date and time-stamped data access by each user

Note: IDrive BMR offers the choice of employing private encryption which is known only to the user and not stored on IDrive BMR servers, in addition to default encryption.

IDrive BMR complies with industry and government standards and regulations

  1. SOC 2 Type 2

    IDrive BMR proudly announces achieving SOC 2 Type 2 certification after undergoing a rigorous evaluation conducted by an independent third-party auditing firm. This certification affirms that our cloud backup and storage solutions, as well as our policies and procedures, adhere to industry-leading standards for securing customer data and account information. To obtain a copy of the SOC 2 Type 2 report, eligible customers, partners, and prospects are encouraged to reach out to IDrive BMR Support. Your confidence in our dedication to best practices is our priority.

  2. GDPR

    The General Data Protection Regulation (GDPR) is a European Union regulation that is aimed at protecting the personal data of EU citizens. IDrive BMR employs the best practices and technologies to ensure the highest standards of data security and privacy of personal data.

  3. PCI

    Businesses that handle cardholder information are required to comply with the Payment Card Industry Data Security Standard. IDrive BMR is PCI compliant and does not directly store credit card or financial data; we use third-party vendors to store and manage cardholder data and conduct online transactions.

  4. HIPAA

    The Health Insurance Portability and Accountability Act (HIPAA), provides directives on administrative, physical, and technical safeguards for patient data and records. The security and privacy measures implemented by IDrive BMR assist businesses in the healthcare domain to meet HIPAA compliance.

  5. SOX

    Sarbanes-Oxley (SOX) Act mandates the retention of electronic records, messaging, and financial transactions. IDrive BMR assists businesses in meeting SOX requirements, providing support for the secure retention of crucial electronic data.

  6. GLBA

    The Gramm-Leach-Bliley Act safeguards consumer private information at various financial institutions. IDrive BMR assists financial institutions in achieving GLBA compliance, ensuring the secure protection of consumer data.


    The Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA) mandate secure, long-term storage solutions for financial records and electronic communications. IDrive BMR assists financial institutions meet these compliance requirements.

Business Associate Agreement

IDrive BMR's Business Associate Agreement is in accordance with federal government standards. Fill out the below form to place your request for IDrive BMR's Business Associate Agreement.

Thank you for contacting us. Our sales staff will get in touch with you shortly.
There was an error submitting the form.

Associate details

Mailing address


Report to Tech supportSend Request