Encamp’s EHS Compliance Software is SOC 2 Type 2 Certified

At Encamp, we’re dedicated to taking a proactive approach to security, compliance, and data privacy for businesses and their environmental, health, and safety (EHS) compliance operations, particularly given the volume of EHS data entrusted to us by our customers. Under the Emergency Planning and Community Right-to-Know Act of 1986 (EPCRA) and Tier II reporting requirements specified in EPCRA Section 312, facilities storing or using chemicals determined to be hazardous substances by the EPA are required to file their chemical inventory data annually via a Tier II form.

The purpose of a Tier II report is to provide each State, local officials, and the public with specific information on the potential hazards chemicals can pose within a facility. Tier II reporting also encompasses hazardous materials stored elsewhere on site. As of 2022, Encamp has filed more than 13,000 Tier II reports for our customers, a number that continues to grow exponentially. Therefore, we’re excited to share Encamp’s EHS environmental data management software has reached another important milestone and is now SOC 2 Type 2 certified.


For EHS Data, What Does it Mean to be SOC 2 Type 2 Compliant?

Service Organization Controls (SOC) 2 Type 2 is a voluntary compliance standard set by the American Institute of CPAs for leading technology companies that offer cloud-based products. It also specifies how an organization should manage customer data defined by a rigorous set of criteria called the five trust service principles: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

In Encamp’s case, these criteria were used by independent auditor Schellman & Company LLC to evaluate how well Encamp manages its customer data and ensures that we have strong security controls in place to protect the EHS data they report. 

Being SOC 2 (Type 1 and 2) compliant means we have successfully demonstrated, as independently verified by a third-party audit, that Encamp’s EHS compliance software has the gold standard of privacy and security controls in place to ensure our customers their most important data is kept safe and secure from all threats.


“Encamp prides itself on our core value of being customer obsessed. Our customers’ trust is essential and is rooted in everything we do. Achieving our SOC 2 Compliance directly aligns with that core value, providing proof and confidence to our customers that Encamp is committed to ensuring that their data is kept secure and private.”

Brandon Muller, Sr. Security and DevOps Engineer at Encamp

What does this SOC 2 Certification mean for Encamp’s EHS Compliance Software?

Encamp chooses to view our SOC 2 Compliance as an investment, rather than a “necessary evil.” Maintaining our SOC 2 compliance assures current and prospective customers of our commitment to protecting both their EHS data and associated corporate information, improves our employee’s vigilance, and reduces the risk of a security event or data breach.

In meeting Tier II reporting requirements for EPCRA and environmental compliance, businesses who work with Encamp can be confident their EHS data maintains the highest levels of completeness, accuracy, and safety throughout the Tier II filing process. Learn more about Encamp’s Security Statement.


Transforming the way enterprises stay in compliance 

Encamp is on a mission to create a world where good for business can equal good for the environment. We help enterprises transform compliance programs and human processes into a technology-driven system that lays the foundation for accurate and ongoing environmental compliance through a blended method of intelligent high-tech solutions and high-touch expert support.

Angelica Castillo

Angelica is the Content Marketing Manager at Encamp. She has a love/love relationship with creative marketing, technology, and true crime shows.

Get expert compliance insights, right to your inbox.

Additional Environmental Compliance Resources