Zivver Certifications
Zivver complies with global privacy laws and security standards, implementing measures designed to support organizations in meeting their compliance obligations.
Zivver complies with global privacy laws and security standards, implementing measures designed to support organizations in meeting their compliance obligations.
Zivver is SOC2 compliant and successfully passed a Type 2 audit. Designed to ensure that service providers are equipped to manage stakeholder data securely, SOC 2 Type 2 involves an internal audit of an organization’s controls in relation to data security, availability, processing integrity, and privacy. The report can be shared upon request.
ISO27001 is the international best practice standard for information security management systems. Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system. Additionally, our data centers of AWS are ISO27001 certified.
The Privacy Verified certification shows that Zivver appropriately safeguards the privacy of its customers. It shows Zivver meets the requirements from the GDPR.The Privacy Verified certification is subject to a yearly inspection by ICTrecht.
UK government-backed scheme that shows that Zivver has the fundamental protection in place to defend itself from internet-based threats. Zivver is formally certified to the Cyber Essentials Plus level.
The CSA STAR Certification s a rigorous third-party independent assessment of the security of a cloud service provider. This technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.
Zivver complies to the requirements of the NIST Cyber Security Framework (CSF) 2.0. The updated framework has expanded its scope from just critical infrastructure to all organisations in any sector. The framework includes six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0’s newly added Govern function.
The Health Insurance Portability and Accountability Act of 1996 mandates national standards to protect sensitive patient health information from disclosure without patient knowledge or consent.
Zivver is exceeding the 10 data security standards set by the National Data Guardian. All organizations that have access to NHS patient data and systems must use the Data Security and Protection Toolkit to publish an assessment against the National Data Guardian’s 10 data security standards. Details of past publications for Zivver are provided through the link below.
NEN7510 is a Dutch best practice standard for information security management systems within the healthcare sector. The NEN7510 gives specific requirements for the processing of medical and patient information. Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system.
This standard provides a set of requirements suitably structured to promote and ensure the effective application of clinical risk management by those organizations that are responsible for the development and maintenance of Health IT Systems for use within the health and care environment.
1 min read
There is mounting pressure on organizations to assess their email security under regulations including GDPR, NIS2 and DORA. The tools we use every day to manage sensitive data must reach the standards...
min read
We interviewed over 400 IT leaders and 2000 employees across the UK, USA, and Europe to uncover the latest insights, priorities and opinions into the state of email security.
20 min read
Learn how to positively engage employees in information security with special guests, Inge Wetzer, Social psychologist in Cybersecurity & Compliance at Secura and Nadine Hoogerwerf, CISO at Zivver.