Zivver Certifications
Zivver complies with global privacy laws and security standards, implementing measures designed to support organizations in meeting their compliance obligations.
Zivver complies with global privacy laws and security standards, implementing measures designed to support organizations in meeting their compliance obligations.
Zivver is SOC2 compliant and successfully passed a Type 2 audit. Designed to ensure that service providers are equipped to manage stakeholder data securely, SOC 2 Type 2 involves an internal audit of an organization’s controls in relation to data security, availability, processing integrity, and privacy. The report can be shared upon request.
ISO27001 is the international best practice standard for information security management systems. Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system. Additionally, our data centers of AWS are ISO27001 certified.
The Privacy Verified certification shows that Zivver appropriately safeguards the privacy of its customers. It shows Zivver meets the requirements from the GDPR.The Privacy Verified certification is subject to a yearly inspection by ICTrecht.
UK government-backed scheme that shows that Zivver has the fundamental protection in place to defend itself from internet-based threats. Zivver is formally certified to the Cyber Essentials Plus level.
The CSA STAR Certification s a rigorous third-party independent assessment of the security of a cloud service provider. This technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.
Zivver complies to the requirements of the NIST Cyber Security Framework (CSF) 2.0. The updated framework has expanded its scope from just critical infrastructure to all organisations in any sector. The framework includes six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0’s newly added Govern function.
The Health Insurance Portability and Accountability Act of 1996 mandates national standards to protect sensitive patient health information from disclosure without patient knowledge or consent.
Zivver is exceeding the 10 data security standards set by the National Data Guardian. All organizations that have access to NHS patient data and systems must use the Data Security and Protection Toolkit to publish an assessment against the National Data Guardian’s 10 data security standards. Details of past publications for Zivver are provided through the link below.
NEN7510 is a Dutch best practice standard for information security management systems within the healthcare sector. The NEN7510 gives specific requirements for the processing of medical and patient information. Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system.
This standard provides a set of requirements suitably structured to promote and ensure the effective application of clinical risk management by those organizations that are responsible for the development and maintenance of Health IT Systems for use within the health and care environment.
2 min read
In a recent survey, we asked IT leaders to share their biggest data security challenges:
20 min read
Get ahead of the NIS2 regulatory framework with our compliance checklist.
min read
Learn how to prove the ROI of your solutions. Industry experts Simon Newman, Co-Founder of Cyber London, and Frank Horenburg, Head of IT at Zivver, share insights and expertise on identifying and sharing the value of security.