Please Try a Different Browser

You are using an outdated browser that is not compatible with our website content. For an optimal viewing experience, please upgrade to Microsoft Edge or view our site on a different browser.

If you choose to continue using this browser, content and functionality will be limited.

Blurred business office shopping mall

Kofax Trust

Security, compliance, and privacy information you can count on

Overview

Kofax takes building and maintaining the trust of our customers seriously. Kofax provides robust security, compliance, and privacy programs that carefully consider data protection matters across our suite of products. The Kofax Trust site ensures you have the latest security, compliance, and privacy information at your fingertips.

Close up of handshake in the office
Security

Highlights of Kofax’s Security Approach

We’ve designed our cloud services to protect your data and ensure it’s secure at all times.

Data Security

Industry standard physical and technical measures to protect you and your data

Product Testing

Robust data and privacy compliance testing and threat and vulnerability management programs

Risk Management

24/7/365 network security monitoring procedures to keep you running

Organization & Management

Dedicated teams of SMEs across privacy, information security, and compliance

Audits & Attestations

Significant investment in maintaining globally recognized certifications and attestations

Communications

Proactive incident response management and communications on security incidents

Compliance

Certifications, Standards, and Regulations

Kofax maintains a comprehensive set of compliance certifications and attestations that demonstrate our commitment to protecting customer data and following regulatory and industry standards. Certifications may vary by product; please contact your Sales Manager for more information.

Click here to view our Information Security Policy which applies for “Cloud Services” and “Public facing SaaS solutions."

AICPA

SOC 2 Type 1 and Type 2

Kofax has invested significant resources to become a SOC 2 certified organization, which means that Kofax complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.

Learn More
AICPA

SOC 3

Kofax is proud to become a SOC 3 certified organization, which means that Kofax complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). The SOC 3 report is a publicly available, executive summary of our SOC 2 report and covers the Security, Availabliity, and Confidentiality Trust Services Principles.

Request SOC 3 Report (for Customers and Partners)
ISO IEC 27001

ISO/IEC 27001

Kofax is certified in ISO/IEC 27001, a widely known standard for information security management system (ISMS) and their requirements. It enables organizations to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

Download Certificate
PCI

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. A third-party PCI Qualified Security Assessor (QSA) assesses Kofax systems and processes on an annual basis and issues an Attestation of Compliance.

Learn More
Peppol

Peppol

Peppol is a set of artifacts and technical specifications that enable eProcurement solutions and eBusiness exchange services to be interoperable between disparate systems across Europe. Kofax adheres to the Peppol standard.

Learn More
GDPR

GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU residents and provides individuals rights to exercise control over their data. Kofax is compliant with GDPR.

Learn More
CCPA

CCPA

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. Kofax is compliant with CCPA.

Learn More
HIPAA

HIPAA

The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of Protected Health Information (PHI) held by covered entities and gives patients an array of rights with respect to that information. Kofax is compliant with the HIPAA security requirements.

Learn More
Privacy

Protecting Our Customer's Data Privacy

Protecting our customers’ data privacy is a top priority. We are committed to evaluating and updating our privacy policies and practices, and ensuring our continued compliance with GDPR, CCPA, and HIPAA.

Read our online privacy notice

System Status

Stay In the Know on Kofax Systems

The Kofax System Status site provides real-time information on service availability, performance, and scheduled maintenance events for our cloud products.

Visit the Kofax Status Page

Our Commitment to Ethical Behavior and Legal Compliance

Anonymous submission of ethics-related inquiries or suspected violations may be submitted confidentially via the Kofax Corporate Compliance Whistleblower Website, a completely external service.

Learn More

2023 Kofax Impact Report

This document contains disclosure of environmental, social and governance (ESG) information relevant to Kofax. The disclosures in this report illustrate how Kofax activities align with the Sustainable Development Goals (SDGs), which comprise the key objectives of the United Nations 2030 Agenda for Sustainable Development.

Learn More
blue-empty-room-studio-gradient-with-spotlight

Environmental, Social and Governance (ESG) Statement 

Kofax’s commitment to sustainability and today’s environmental and societal challenges is an important responsibility.