Data protection, privacy, and security are the foundation of Dentity. Below are some industry standards and benchmarks that we follow in protecting your personal information:
- Our environment is ISO/IED 27001 certified which means that we continually examine information security risks, threats, and vulnerabilities. We use AES-256 encryption, which is the same cryptography that’s used to protect top secret information at the National Security Agency (NSA). Each consumer alone holds the key to encrypt and decrypt their personal information.
- Dentity is compliant with the National Institute of Standards and Technology (NIST), Department of Commerce, Digital Identity Guidelines 800-63-3. This means that we follow the most advanced guidelines for verifying your identity and only collect the information from you that’s absolutely necessary to be compliant. Our process typically takes less than two minutes and the end result is that you own a digital identity credential that can be used across the Internet.
- Dentity’s identity document storage infrastructure has been audited and is compliant with SOC 2 (Service Organization Control) Type I and Type II. This audit report provides detailed information about security, availability, processing integrity, confidentiality and privacy controls in compliance with the American Institute of Certified Public Accountants Trust Service Criteria.
- Dentity’s identity document storage infrastructure is HIPAA compliant and meets NIST cryptographic standards for data transmission and access control. HIPAA stands for the Health Insurance Portability and Accountability Act and its sets forth rigorous standards for protecting personal information.
- Personal information is processed in compliance with the California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR). This empowers consumers with rights over their personal information, including the new right to request businesses to disclose or delete the data they have collected on them.