The GRC team has officially updated the Cloudflare Compliance Package.
These three additions are designed to help you bypass lengthy security
assessments and provide instant, third-party validation for your prospects.
What’s New & Where it Applies

HIPAA AoC (US Healthcare & Global PHI)
-

The Scope: Essential for U.S. healthcare (providers/insurers)
and international
entities processing U.S. patient data.
-

The Asset: An Attestation of Compliance (AoC) providing formal audit
evidence of our PHI protections.
-

ISO 27017 (Global Enterprise)
-

The Scope: Worldwide. Our strongest asset for enterprise deals in EMEA,
APAC, and LATAM.
-

The Asset: A specialized "cloud-first" certification that builds on
ISO 27001 by addressing specific cloud service provider risks.
-

GovRAMP Authorization (US SLED)
-

The Scope: USA Only. Built for State, Local, and Tribal governments
and Higher Ed.
-

The Asset: Standardized cybersecurity verification; the state-level
equivalent of FedRAMP.

Implementation Notes (Best Practices)

To ensure we maintain the integrity of our compliance program, please
follow these operational guidelines:

The BAA Process: A HIPAA AoC validates our environment, but a Business
Associate Agreement (BAA) is still the required contractual vehicle for
PHI. Ensure your account team follows the standard BAA request process.
-

Verify Product Scope: Compliance is not "blanket" coverage. These
certifications apply to specific In-Scope Services. Always verify that
the customer’s intended products are covered by checking our reports.
-

Shared Responsibility Model: Remind customers that while Cloudflare
infrastructure is compliant, they are responsible for compliant
configuration (e.g., proper encryption settings, access controls) on
their end.
-

GovRAMP vs. FedRAMP: These are distinct frameworks. GovRAMP is for SLED
(State, Local, Education). If you are working on a U.S. Federal deal,
continue to reference our FedRAMP documentation.

How to Use These to Close Deals

Use these documents to pre-empt security questionnaires. Instead of manual
entry, provide these third-party audits to build immediate trust.

Healthcare: Lead with the HIPAA AoC to shorten the security review.
-

Global Enterprise: Put ISO 27017 front-and-center for non-U.S. prospects.
-

Public Sector: Use GovRAMP to bypass individual state-level audits.

How to get them: Request via CSCR process.
<https://wiki.cfdata.org/spaces/INFOSEC/pages/201660642/Filing+a+CSCR+Ticket#tab-How+to+file+a+Jira+ticket>

1️⃣ Cloudflare One Weekly Update 点击展开 ▾

Cloudflare One本周业务更新显示季度收入达115万美元，管道预测超5800万美元。客户数量环比增长7.6%至5,437个，并重点介绍了与EMAAR Properties达成62.7万美元ACV的重大合作案例。

"'Partner Experience' via Cloudflare One Newsletter" <cloudflare-one-newsletter@cloudflare.com> 2026/4/14

Web Version: 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1lst09vfooj?email=true&lang=en
-----------------------
Revenue
$1.15M Closed/Won QTD

4.5% of Target ($25.58M ACV)

$58.3M in Forecasted Pipeline (Q2'26)

$183M in All Open Pipeline for the Year

source [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/v8qhbbd9vu2/external?email=true&lang=en&a=5&p=5927620&t=1877087 
]

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/fofhi73crum?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- Partners
$0.87M Closed/Won QTD w/ Partner Attach

$0.22M Closed/Won PIO

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1oycigtw9y5?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- Customers
5,437 Contract Customers (7.6 % MoM)

62% Utilization - (2.3M Seats Configured / 3.7M Seats Contracted)

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1ihyjblf122?email=true&lang=en&a=2&p=5927620&t=1877087
EMAAR Properties (L.L.C.)
CF1 ACV $627K | Deal Team: AE: Arun George, PAM: Eyal Al Shami, SE: Ahmad Badawi, SSE: Abou Zaher | 
Partner: Emirates Business Machines

Landmark new logo win with one of the Middle East’s most iconic enterprises. Cloudflare displaced 
legacy infrastructure and a hyperscaler by positioning as a full-platform consolidation across 80+ 
domains, applications, and security layers, securing a multi-product deployment including Zero 
Trust, App Security, and Cloudforce One.

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1ba7wzbk4hs?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- Supabase Inc.
CF1 ACV $184K | AE: Billy Wong, SE: Sze Rong Tham, CSE: Smitha, Specialists: Rex Sunny

Direct Strategic Zero Trust upsell expanding Cloudflare’s footprint with Supabase. Strong 
cross-functional execution enabled deeper integration with developer workflows, with ZTNA expertise 
and rapid technical support key to closing the deal.

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/gt2inepqxqz?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- Midland Independent School District
CF1 ACV $37K | Deal Team AE: Jack Coughlin, Specialists: Matthew Boknevitz, Scott Harris, PAM: 
Marcus Charles | Partner: CDW

This successful engagement, resulted in the adoption of Cloudflare One Email Security to resolve 
critical phishing issues and provide a flexible solution for inbound email threats. With vital 
evaluation support from Matthew Boknevitz and Scott Harris, the customer successfully integrated 
this key component of the SASE platform to protect their organization from evolving digital risks. 
This win highlights the effectiveness of Cloudflare’s technical mastery and collaborative GTM 
approach in displacing competitors and securing high-value accounts.

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/sbtn392emtn?email=true&lang=en&a=2&p=5927620&t=1877087
Cloudflare accelerates post-quantum roadmap - Global press momentum (including TIME and Techmeme 
trending) reinforces Cloudflare’s leadership in quantum-safe security, with strong validation of its 
PQC-by-default approach. Read here [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/62wr7huvro9/external?email=true&lang=en&a=5&p=5927620&t=1877087 
].

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1t0sn02nhqn?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- CASB Webhooks now live - Enables customers to send SaaS security 
findings directly to tools like Slack, Jira, SIEM, and PagerDuty, making CASB more actionable and 
easier to integrate into existing security workflows. Learn more [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/89krbbge8fr/external?email=true&lang=en&a=5&p=5927620&t=1877087 
].

https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/16vwggs2j2i?email=true&lang=en&a=2&p=5927620&t=1877087
----------------------------------- Coffee Shop Networking GTM updates - New SASE messaging and 
sales materials now available, including pitch decks, solution briefs, and enablement guides, with 
updated positioning and targeting guidance for Q2 campaigns.

Customer-facing slides in “SASE use case pitch deck [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/1jh7bqtdstu/external?email=true&lang=en&a=5&p=5927620&t=1877087 
]” with talk track
Enablement guide [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/10kaon03xnx/external?email=true&lang=en&a=5&p=5927620&t=1877087 
]: How to win these opportunities
Infographic [ 
https://cloudflare-partnerteam-int.us.newsweaver.com/5p3pf93cmb/2njov4kv77k/external?email=true&lang=en&a=5&p=5927620&t=1877087 
] (2-pages)
Solution brief [ 
https://cloudflare-partnerteam-int.us.newsweaver.com

... (内容已截断，原文共 13391 字符)