Allegations against Delve, a compliance technology firm, suggest that the company misrepresented its adherence to crucial regulatory frameworks, including the Health Insurance Portability and Accountability Act and the General Data Protection Regulation. In response, Karun Kaushik, the Indian-origin co-founder and CEO, emphasized that the accusations are the result of a targeted cyberattack rather than a legitimate whistleblower's report.
Based in San Francisco, Delve has experienced rapid growth, leading to internal challenges in maintaining proper oversight and compliance processes. Kaushik acknowledged that this expansion may have contributed to gaps in the company's operational standards, prompting an apology to customers for not meeting their expectations.
The firm asserts that the allegations stem from an anonymous individual who engaged in a cyberattack to access internal data dishonestly. Delve claims this person utilized fabricated information and selectively chosen screenshots to manipulate public perception of the company. Ongoing cybersecurity investigations have complicated the situation and delayed Delve's official response.