What does New Relic do to ensure security, data privacy, and compliance? And what can you do as well?
Here are some resources you can use to ensure the confidentiality, integrity, and availability of your data. For example, New Relic has developed processes to comply with privacy laws and regulations so that you can control how personal information about you and your customers is stored and used.
Across our connected world, information security matters. For more information about policies, credentials, audits, and other resources, see our corporate security policy and our New Relic security website. If you have additional questions, please contact your New Relic account representative.
docs.newrelic.com: You can find documentation about data privacy, security, compliance, and other topics on the New Relic docs site.
Data privacy: What we do.
New Relic follows "privacy by design" principles as part of our overarching security program to ensure data privacy for your accounts, agents, events and attributes, and products and services.
Data privacy: What you can do.
To customize the types of data you send to New Relic, or to allow specific personnel to view or update the data, you can set user access levels, assign API keys, customize event attributes, adjust your email settings, etc.
Security: What we do.
We enforce strong security measures both for the data we receive and for our employees. If we discover vulnerabilities in our products, we notify you about our corrective actions through security bulletins Use the RSS feed to stay notified.
Security: What you can do.
To enhance your own security measures, you can use our SAML single sign-on (SSO) providers, adjust high security mode settings, review audit logs, and use other product security options.
Compliance: What we do.
Our Tier III, SOC2 certified data centers in the US and EU ensure compliance with processing and storing data for specific retention periods. We are FedRAMP Authorized Moderate for accounts that meet specific criteria. We offer HIPAA account enablement for customers subject to HIPAA and using New Relic. We have also received HITRUST certified status for our New Relic platform hosted in Amazon Web Services (AWS).
Compliance: What you can do.
If you receive a request related to the General Data Protection Regulation (GDPR) or California Consumer Protection Act (CCPA), follow standard procedures to query or delete personal data. If you would like to access our HIPAA account enablement solution, contact your New Relic account manager to learn more.