We are pleased to announce our new Rewards and Incentives Program! We want to acknowledge all of your hard work on your security and compliance programs with the opportunity to achieve perks for your efforts. Check out the details in our community announcements!

Ask An Expert Office Hours (February 18, 2021)

edited February 11 in Ask an Expert

Join us for our first Ask an Expert Office Hours on February 18 for an hour at 10am PST.

This week we will have Todd Chapman from our Customer Success Team answering your questions. These can be questions about how to use features of Tugboat's product, how to prepare for your audit, or general inquires about frameworks.

If you are interested in attending, please register here!

If you miss this session, we will be holding Office Hours biweekly on Thursdays. You are also welcome to ask any questions here in the Helm and we'll get to them as soon as we can.

Please note that we will not take product requests or feedback during these sessions, If you have inquiries about our roadmap or future implementations, you are welcome to ask your questions here in the Helm so we can have our Product Team review them. All questions will be moderated during the session.

If you have product feedback, feel free to share it in this category.

We look forward to seeing you there!


  • Security / Confidentiality disclaimers in email footers: it’s not unusual to see these when corresponding with health care providers.  We anticipated that we would find this requirement in a SOC2 policy however we have not come across this requirement.  Are we missing it or is this not related to SOC2? Example: “IMPORTANT: The contents of this email and any attachments are confidential. They are intended for the named recipient(s) only. If you have received this email by mistake, please notify the sender immediately and do not disclose the contents to anyone or make copies thereof”

  • Hey @michael_obrien! I got an answer from our CS Team:

    We have a control in the SOC2 framework that is specific to the confidentiality trust category, 

    DS1 - Information Labelling/Classification: The organization has formalized data classification policies and procedures to identify confidential information in the system and to define instructions for handling and labelling confidential information.

    Evidence to satisfy this control can be documents that include footers/watermarks/redacted information. This would be what those footers fall under.

    Please let me know if this helps!

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!