iDox.ai Compliance
iDox.ai makes ongoing commitments to deliver products and services that are compliant with industry-accepted best practices, standards, and regulations.

iDox.ai’s TAA Compliance

TAA refers to the Trade Agreements Act (19 U.S.C. & 2501-2581), which is intended to foster fair and open international trade. TAA requires that the U.S. Government may acquire only “U.S. – made or designated country end products. This act requires that contractors must certify that each end product meets the applicable requirements. End products are ‘those articles, materials and supplies to be acquired for public use’.” This includes items which have been “substantially transformed” in the United States.

iDox.ai’s TAA compliant products are listed below. These products are also compliant with GSA Schedules.

ISO 27001 Certified

iDox.ai is ISO 27001 certified, which means we have implemented the best information security process practices according to the standards set by the International Organization for Standardization. ISO 27001 is the only auditable international standard that defines the requirements for information security management systems, which means our customers can be assured that their data is managed safely and efficiently by iDox.ai.

SOC 2 Certification

The SOC 2 certification indicates that iDox.ai processes, procedures, and controls meet the highest industry standards for security, availability, process integrity, and confidentiality. The SOC 2 examination was performed by an independent, third-party organization that evaluated iDox.ai security processes and internal control effectiveness for confidentiality, privacy, and integrity against the American Institute of Certified Public Accountant’s (AICPA) Security Trust Service Criteria. The audit found that iDox.ai met all industry standards. The company enlisted AARC-360 to perform the independent certification.

SOC 1 Certification

Service Organization Control (SOC) Type 1 is a report on the controls at a service organization relevant to security, availability, processing integrity, confidentiality, and privacy. It is conducted by an independent third-party auditor and provides assurance that the organization's control objectives are suitably designed and implemented at a specific point in time. iDox.ai undergoes regular SOC Type 1 audits to demonstrate its commitment to maintaining a secure and reliable environment for its users. The audit verifies the effectiveness of iDox.ai's control measures, ensuring the confidentiality and integrity of user data.