mirror of
https://github.com/documenso/documenso.git
synced 2026-07-11 21:45:18 +10:00
f93a98e9a5
## Description Updated HIPAA status to compliant
58 lines
2.4 KiB
Plaintext
58 lines
2.4 KiB
Plaintext
---
|
|
title: Certifications & Regulatory Compliance
|
|
description: Documenso's compliance status for industry certifications and regulatory frameworks.
|
|
---
|
|
|
|
import { Callout } from 'fumadocs-ui/components/callout';
|
|
|
|
### Compliance Status Overview
|
|
|
|
| Certification | Status |
|
|
| -------------- | ---------------------- |
|
|
| 21 CFR Part 11 | Compliant (Enterprise) |
|
|
| SOC 2 | Compliant |
|
|
| ISO 27001 | Planned |
|
|
| HIPAA | Compliant (Enterprise) |
|
|
|
|
## 21 CFR Part 11
|
|
|
|
<Callout type="info">Status: Compliant (Enterprise License)</Callout>
|
|
|
|
21 CFR Part 11 is a regulation by the FDA that establishes the criteria for electronic records and electronic signatures to ensure their authenticity, integrity, and confidentiality in the pharmaceutical, medical device, and other FDA-regulated industries.
|
|
|
|
Read more about [21 CFR Part 11 with Documenso](https://documen.so/21-CFR-Part-11).
|
|
|
|
### Main Requirements
|
|
|
|
- Strong Identity Checks for each Signature
|
|
- Signature and Audit Trails
|
|
- User Access Management
|
|
- Quality Assurance Documentation
|
|
|
|
## SOC 2
|
|
|
|
<Callout type="info">Status: [Compliant](https://documen.so/trust)</Callout>
|
|
|
|
SOC 2 is a framework for managing and auditing the security, availability, processing integrity, confidentiality, and data privacy in cloud and IT service organizations, established by the American Institute of Certified Public Accountants (AICPA).
|
|
|
|
## ISO 27001
|
|
|
|
<Callout type="warn">Status: [Planned](https://github.com/documenso/backlog/issues/26)</Callout>
|
|
|
|
ISO 27001 is an international standard for managing information security, specifying requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
|
|
|
|
## HIPAA
|
|
|
|
<Callout type="info">Status: [Compliant](https://documen.so/trust)</Callout>
|
|
|
|
The HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law designed to protect patient health information's privacy and security and improve the healthcare system's efficiency and effectiveness.
|
|
|
|
---
|
|
|
|
## See Also
|
|
|
|
- [Standards](/docs/compliance/standards) - Technical signing standards (PDF/A, PAdES, X.509)
|
|
- [Signature Levels](/docs/compliance/signature-levels) - eIDAS and other signature level compliance
|
|
- [Enterprise Edition](/docs/policies/enterprise-edition) - Enterprise licensing for compliance features
|
|
- [GDPR](/docs/compliance/gdpr) - Data protection compliance
|