Tungsten Automation Trust
Security, compliance, and privacy information you can count on
Tungsten Automation, formerly Kofax, takes building and maintaining the trust of our customers seriously. Tungsten Automation provides robust security, compliance, and privacy programs that carefully consider data protection matters across our suite of products. The Tungsten Automation Trust site ensures you have the latest security, compliance, and privacy information at your fingertips.
Highlights of Tungsten Automation’s Security Approach
Data Security
Industry standard physical and technical measures to protect you and your data
Product Testing
Robust data and privacy compliance testing and threat and vulnerability management programs
Risk Management
24/7/365 network security monitoring procedures to keep you running
Organization & Management
Dedicated teams of SMEs across privacy, information security, and compliance
Audits & Attestations
Significant investment in maintaining globally recognized certifications and attestations
Communications
Proactive incident response management and communications on security incidents
Certifications, Standards, and Regulations
Click here to view our Information Security Policy which applies for “Cloud Services” and “Public facing SaaS solutions."
SOC 2 Type 1 and Type 2
Tungsten Automation has invested significant resources to become a SOC 2 certified organization, which means that Tungsten Automation complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.
SOC 3
Tungsten Automation is proud to have achieved a SOC 3 attestation, which means that Tungsten Automation complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). The SOC 3 report is available upon request to customers and partners, executive summary of our SOC 2 report and covers the Security, Availability, and Confidentiality Trust Services Principles.
ISO/IEC 27001
Tungsten Automation is certified in ISO/IEC 27001, a widely known standard for information security management system (ISMS) and their requirements. It enables organizations to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.
PCI DSS
The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. A third-party PCI Qualified Security Assessor (QSA) assesses Tungsten Automation systems and processes on an annual basis and issues an Attestation of Compliance.
Peppol
Peppol is a set of artifacts and technical specifications that enable eProcurement solutions and eBusiness exchange services to be interoperable between disparate systems across Europe. Tungsten Automation adheres to the Peppol standard.
GDPR
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU residents and provides individuals rights to exercise control over their data. Tungsten Automation is compliant with GDPR.
CCPA
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. Tungsten Automation is compliant with CCPA.
HIPAA
The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of Protected Health Information (PHI) held by covered entities and gives patients an array of rights with respect to that information. Tungsten Automation is compliant with the HIPAA security requirements.
Hellios Certified Accredited Supplier
The rigorous Hellios certification process tests suppliers' capabilities on multiple fronts to ensure they adhere to the highest standards in quality, compliance, sustainability, and risk management. By achieving this accreditation, Tungsten Automation showcases its dedication to surpassing these requirements, enabling customers to make informed choices when selecting a trusted vendor.
Protecting Our Customer's Data Privacy
Protecting our customers’ data privacy is a top priority. We are committed to evaluating and updating our privacy policies and practices, and ensuring our continued compliance with GDPR, CCPA, and HIPAA.
Stay In the Know on Tungsten Automation Systems
The Tungsten Automation System Status site provides real-time information on service availability, performance, and scheduled maintenance events for our cloud products.
Explore our Responsible AI and Governance documentation for insights into our commitment to ethical AI practices and compliance standards; this document is provided for informational purposes only and is not legally binding.
2024 Tungsten Automation Impact Report
This document contains disclosure of environmental, social and governance (ESG) information relevant to Tungsten Automation. The disclosures in this report illustrate how Tungsten Automation activities align with the Sustainable Development Goals (SDGs), which comprise the key objectives of the United Nations 2030 Agenda for Sustainable Development.
Download nowEnvironmental, Social and Governance (ESG) Statement
Tungsten Automation’s commitment to sustainability and today’s environmental and societal challenges is an important responsibility.
Download now