ID Analyzer follows the strict principal of data protection by design and by default, we have implemented stringent technical and organizational measures to protect all identity information processed through our service. We frequently conduct data protection impact assessment and have a strict internal security policy allowing only employees with top level clearances to access customer information once express permissions are given by you. To comply with GDPR, all our customers have access to EU API endpoint where transfer and storage of your customer's information will not go beyond EU borders. For processing and storage of personal information, we only work with well reputed datacenter providers that are GDPR compliant themselves.
ISO/IEC 27001 is a security information security management standard published by International Organization for Standardization, aimed at making information held by organizations more secured. A series of complex audits must be assessed by a certification body in order for an organization to be certified for ISO 27001. At ID Analyzer, protecting our customer information from any kind of security breach is one of our top priorities, hence we are currently undergoing the certification process which could take 6 months to 1 year to complete. To bolster the security of our service end-to-end, we only store sensitive customer information such as ID documents and identity data with IS0 27001 certified service providers.
ID Analyzer is widely used by healthcare providers and insurer to verify the identity of onsite and remote customers especially in the tele-health industry. In short, implementing a patient/customer on-boarding solutions using ID Analyzer does not affect your entity's HIPAA compliant status, the simple reason is that your entity is only passing identity information to us, without any associated health information that could be linked to the person. We help you digitize and verify your user's identity, however, we do not process nor store any PHI set out under the HIPAA regulation of our customers. It is your organization's responsibility to store the identity information from ID Analyzer securely alongside the health information to stay HIPAA compliant.
ID Analyzer Core API and DocuPass, when setup correctly with biometric verification, satisfy all the digital identity requirements set out under IAL2 of NIST. IAL2 introduces the need for either remote or physically-present identity proofing, which can be obtained using using both of our ID + biometric verification solutions. With ID Analyzer, our API system automatically evaluates the real-world existence of identity claimed by you user, and verify that your user is appropriately associated with this real-world identity.
As a SaaS provider, we have introduced a no log policy to ensure the peace of mind of all our customers whilst using our services. If you have disabled our vault storage system when accessing our services, we will not store any information, including all images or personal data, that you have uploaded to our server. This ensures that in an extremely rare case of security breach, the attacker will not get hold of any personal information of your customers.
Versatile solutions catered for every platform and industry.