Egnyte maintains compliance with the strictest standards to ensure privacy and data protection for its customers. Egnyte’s hybrid architecture gives enterprises complete control over where the data resides. As a result, it has been the solution of choice for thousands of customers in highly-regulated industries (e.g., financial services, healthcare) and regulatory environments, such as the E.U.
Egnyte supports data sovereignty by storing all European customer data and metadata in its European data center, ensuring compliance to the laws and standards of the country in which the data resides. EU data stays in the EU.
Egnyte complies with the requirements of the General Data Protection Regulation (GDPR). We help organizations meet the data privacy obligations of GDPR. Customers in the EU and across the globe can use Egnyte as a content management platform to help implement their GDPR compliance program.View Info on Privacy Shield
EU–US Privacy Shield: Egnyte – as a further signal of the seriousness with which it approaches data privacy/security – has certified its compliance with Privacy Shield, which was designed by EU and US authorities as a framework for the safe, cross–border transfer of personal data from the EU to the US.
Even prior to Privacy Shield, Egnyte evidenced its commitment to the privacy of EU customer personal data via its voluntary compliance with the Safe Harbor privacy principles. The Safe Harbor framework was found void by the European Court of Justice in October 2015, and was later replaced by the enhanced Privacy Shield framework.
The Egnyte information security management system is ISO/IEC 27001:2013 certified. This certification is the leading global information security standard, and it outlines the policies and controls that organizations put in place to manage risk and secure their data. The guidelines for establishing, implementing, and maintaining our information security management system fall under this international standard, which confirms that our products, supporting infrastructure, people and processes operate within agreed upon requirements and best practices.
Egnyte is SOC 2 SSAE 18 Type 2 compliant ensuring that we securely manage your data to protect the interests of your organization and the privacy of all clients. This is supported by a SOC 2 attestation report issued by an independent auditor whose role is to assess our compliance within selected Trust Services categories.
The SOC 2 report is intended to provide users information that may be useful when assessing the risks arising from interactions with Egnyte’s system. Specifically this report refers to the suitability of design and operating effectiveness of Egnyte’s controls to meet the criteria related to security, availability, processing integrity, and confidentiality set forth in TSP section 100, 2016 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria).
Egnyte offers a FINRA-compliant online storage solution with complete end-to-end data protection. Egnyte enables full compliance under SEC 17a, 31a, 204 Recordkeeping regulations for confidential data storage, retention, digitalization and accessibility.
Egnyte understands the importance of confidentiality and protection of an individual's Protected Health Information (PHI). Egnyte's comprehensive data security enables HIPAA compliance for Payer, Provider, pharmaceutical and biomedical businesses.
Egnyte is compliant with 21 CFR Part 11. Title 21 CFR Part 11 applies to records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted, under any records requirements set forth in agency regulations. This part also applies to electronic records submitted to the agency under requirements of the Federal Food, Drug, and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agency regulations.
Egnyte is compliant with the SSAE 18 attestation standard Type 2. Statement on Standards for Attestation Engagements (SSAE) No. 18 is an attestation standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) establishes requirements and provides application guidance to auditors for performing and reporting on examination, review, and agreed-upon procedures engagements, including Service Organization Controls (SOC) attestations. SSAE 18 completely replaces SSAE 16 and many other SSAEs into a combined standard.
Skyhigh Networks performs objective and thorough evaluations of the enterprise-readiness of cloud services based on a detailed set of criteria developed in conjunction with the Cloud Security Alliance (CSA). Services designated as Skyhigh Enterprise-Ready are the services receiving the highest CloudTrust™ Ratings, which fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.