• 1.877.734.6983
  • Log in

Compliance Standards

Privacy and Data Protection

Egnyte maintains compliance with the strictest standards to ensure privacy and data protection for its customers. Egnyte’s hybrid architecture gives enterprises complete control over where the data resides. As a result, it has been the solution of choice for thousands of customers in highly-regulated industries (e.g., financial services, healthcare) and regulatory environments, such as the E.U.

European Commission logo

EU Customers

Egnyte complies with the European Union Data Protection Directive (EUDPD). The EUDPD was enacted to provide a consistent data protection framework with EU-level enforcement, and a baseline of security around information storage, transmittal, and processing.

Unlike other providers, Egnyte stores customer’s European data in its European data center. Customer data is not accessed unless explicit permission is granted and does not leave the EU even when a support ticket is opened.

ISO logo

Information Security Management System - ISO/IEC 27001

The Egnyte information security management system is ISO/IEC 27001:2013 certified. This certification is the leading global information security standard, and it outlines the policies and controls that organizations put in place to manage risk and secure their data. The guidelines for establishing, implementing, and maintaining our information security management system fall under this international standard, which confirms that our products, supporting infrastructure, people and processes operate within agreed upon requirements and best practices.

ISO/IEC 27001:2013 – Information Security Management

Compliant with FINRA Rules & Regulations

Financial Services

Egnyte offers a FINRA-compliant online storage solution with complete end-to-end data protection. Egnyte enables full compliance under SEC 17a, 31a, 204 Recordkeeping regulations for confidential data storage, retention, digitalization and accessibility.

Download Financial Services Security White Paper

HIPAA logo


Egnyte understands the importance of confidentiality and protection of an individual's Protected Health Information (PHI). Egnyte's comprehensive data security enables HIPAA compliance for Payer, Provider, pharmaceutical and biomedical businesses.

Download Egnyte HIPAA Statement
Download Egnyte HIPAA Business Associate Agreement

FDA 21 CFR Part 11 logo

21 CFR Part 11

Egnyte is compliant with 21 CFR Part 11. Title 21 CFR Part 11 applies to records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted, under any records requirements set forth in agency regulations. This part also applies to electronic records submitted to the agency under requirements of the Federal Food, Drug, and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agency regulations.

SSAE16 logo


Egnyte is compliant with the SSAE 16 attestation standard Type 2. Statement on Standards for Attestation Engagements (SSAE) No. 16 is an attestation standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) that addresses engagements undertaken by a service auditor for reporting on controls at organizations (i.e., service organizations) that provide services to user entities, for which a service organization's controls are likely to be relevant to a user entities internal control over financial reporting (ICFR).



Skyhigh Networks performs objective and thorough evaluations of the enterprise-readiness of cloud services based on a detailed set of criteria developed in conjunction with the Cloud Security Alliance (CSA). Services designated as Skyhigh Enterprise-Ready are the services receiving the highest CloudTrust™ Ratings, which fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.

Cloud Trust Program