Compliance in Government

SOC 2 Type 2

This report details the controls for Laserfiche Cloud related to the criteria for the security, availability and confidentiality principles set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria).

HIPAA

Laserfiche’s SOC Type 2 Plus covers the security requirements set forth in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), provided within Title 45 Code of Federal Regulations Sections 164.308 – 312 (45 CFR Sections 164.308-312) (the Security Requirements).

DoD 5015.2 Records Management Applications

DoD 5015.2 details the Department of Defense’s baseline requirements for Records Management Applications (RMA), that facilitate adequate and appropriate basis for addressing the basic challenges of managing records in the automated environment that increasingly characterizes the creation and use of records. Laserfiche Cloud records management controls are based on our self-hosted Department of Defense 5015.2 version 3-certified electronic records management capabilities.

Voluntary Product Accessibility Section 508 Compliance

Laserfiche has published VPATs available for the web client, Public Portal, Import Agent, Connector, Laserfiche Microsoft Office Plug-in, the Laserfiche home page and its tabs including the task listing page and submitting forms, the process automation dashboard, listing pages, each process automation design tool and custom reports.

ISO/IEC 27001:2022

Laserfiche meets the information security requirements of the ISO/IEC 27001 certification for the information security management system (ISMS) which is the standard for how companies should establish, implement, maintain and continually improve an information security management system.

Learn More

SEC Rule 17a-4

Laserfiche Vault is a Laserfiche Cloud solution package of services and cloud-based features that supports stringent non-alterable record archival requirements such as WORM (write once, read many) compliance required by SEC Rule 17a-4 for broker dealers. Beyond financial services, Laserfiche Vault’s strict compliance mode can also be applied to support rigorous records management practices for electronically stored information (ESI) requiring prevention of any unauthorized alternations or deletions of digital records.

HECVAT

Laserfiche has completed the Higher Education Community Vendor Assessment Toolkit (HECVAT).

Contact Us for Your ECM Needs

Whether you have product questions, support needs, or want to partner with us, we’re here to help you on your digital transformation journey. Fill out the form and a Laserfiche team member will be in touch as soon as possible.

First Name(Required)

Last Name(Required)

Work Email(Required)

Work Phone(Required)

Company Name(Required)

Industry(Required)

Department(Required)

Country(Required)

State(Required)

Message(Required)

Privacy(Required)

By checking this box, I confirm that I have read and agree to the Laserfiche Privacy Notice and Terms of Use.*

Email Consent

By checking this box and submitting this page, I consent to Laserfiche emailing me regarding Laserfiche products, events, demos, and updates. I understand that I may withdraw my consent at any time. Please refer to our Privacy Notice for more details.

Product Features

Explore More

By Industry

By Department

By Business Need

Product Education

Product Support

Insights

Events

Compliance