An anonymous Substack post published this week accuses compliance startup Delve of 'falsely' convincing 'hundreds of customers they were compliant' with privacy and security regulations, potentially exposing those customers to 'criminal liability under HIPAA and hefty fines under GDPR.' Delve is a Y Combinator-backed startup that last year announced raising a $32 million Series A at a $300 million valuation. (The round was led by Insight Partners.) On Friday, the startup attempted to refute the accusations on its blog, calling the Substack post 'misleading' and saying it 'contains a number of inaccurate claims.' DeepDelver recounted receiving an email in December claiming the startup had 'leaked a spreadsheet with confidential client reports.' While Delve CEO Karun Kaushik apparently assured customers in a subsequent email that they were in compliance and that no external party gained access to sensitive data, DeepDelver said they and other customers had become suspicious. 'Having...
learn more
