Public sector bodies need to walk the walk with secure communications
Read moreCertifications
Zivver’s Certifications & Assurance
Certifications

ISO27001
ISO27001 is the international best practice standard for information security management systems.
Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system. Additionally, our data centers of AWS are ISO27001 certified.

Privacy Verified
The Privacy Verified certification shows that Zivver appropriately safeguards the privacy of its customers. It shows Zivver meets the requirements from the GDPR.
The Privacy Verified certification is subject to a yearly inspection by ICTrecht.

Cyber Essentials Plus
UK government backed scheme that shows that Zivver has the fundamental protection in place to defend itself from internet based threats. Zivver is formally certified to the Cyber Essentials Plus level.
Go to certificate
Cyber Essentials
UK government backed scheme that shows that Zivver has the fundamental protection in place to defend itself from internet based threats.
Go to certificate
NEN7510
NEN7510 is a Dutch best practice standard for information security management systems within the healthcare sector.
The NEN7510 gives specific requirements for the processing of medical and patient information. Zivver obtained this certification in 2016 and all Zivver communication services are in scope of this information security management system.

NTA7516
NTA7516 is a Dutch best practice standard for ad-hoc communication within the healthcare sector.
The NTA7516 gives specific requirements for email communication with patient data. Zivver was the first supplier of email communication to obtain this certification in 2020.
Accreditations

Data Security and Protection Toolkit of NHS digital
Zivver meets the requirements of the Data Security and Protection Toolkit of NHS digital.
This shows that Zivver meets the National Data Guardian’s 10 Data Security Standards of the United Kingdom. This toolkit is a mandatory toolkit for all organisations that have access to NHS patients data or systems and provides assurance of the organisation data security practices.

McAfee Enterprise Ready
The McAfee Enterprise-Ready seal is reserved to cloud services that have the highest CloudTrust rating — based on their attributes across the data, user and device, security, business, and legal evaluation categories.
Read moreThird party security testing

Hacking as a Service
Multiple times a year we let our product and infrastructure be tested by independent, world class, researchers. Not only from the outside (black box testing), but also from the inside by giving the researchers accounts (grey box testing) and even the full source code of Zivver (white box testing).
Currently we collaborate on this topic with the Hacking as a Service team of Deloitte. Every subsequent test Deloitte challenges us if we have taken appropriate measures to mitigate risks they have found in our product or infrastructure.

HackerOne
Zivver has a public program on HackerOne and actively encourages security researchers from all over the world to perform security tests on the Zivver product and platform.
All incoming reports are classified and picked up by the security team of Zivver.