Blackbaud provides the following reports to hosted clients, their auditors, and prospective clients:
  • SOC 2 Type II for the hosting environment
  • SOC 1 Type II for Sphere
  • SOC 1 Type II for Financial Edge
  • SOC 1 Type II for Luminate Online
  • SOC 1 Type II for Donor Direct
  • SOC 1 Type II for Blackbaud Merchant Services
  • SOC 1 Type II for Blackbaud CRM
  • Bridge Letters for SOC 1 and SOC 2 reports
  • PCI DSS Attestation of Compliance for Blackbaud Internet Services
  • PCI DSS Attestation of Compliance for BBPS
  • PCI DSS Attestation of Compliance for Luminate
  • PCI DSS Attestation of Compliance for Brennan IT
  • Savvis/ CenturyLink and SunGard Data Centers (third party hosting provider) SOC 1 Type II
  • HIPAA Compliance Report for BBCRM
Click, Chat with Support and please include the following information. Reports will be customized and generated for your organization within 3 - 5 business days.
  1. The report(s) you're requesting from the list above
  2. The reason for the report request
  3. The hosted Blackbaud products or services you use (including Blackbaud Merchant Services and Blackbaud Payment Services)

  • The audit reports pertain to the hosted environment only and are unavailable for non-hosted products and services.
  • For more information about Service Organization Control Reports (SOC), visit the AICPA website.