Understanding Our Responsibility

We understand the critical importance of protecting data and privacy. VeriFacts has earned certifications requiring third-party audits to ensure we meet the highest standards including SSAE 16, SOC 2 Type 2, PCI/DSS and TECH LOCK certification. 

Our operational workflows and technology frameworks are above and beyond regulatory compliance standards. We strictly adhere to some of the toughest data security measures and audit requirements as we remain consistently committed to data responsibility.


What Data Security Certifications Does VeriFacts Hold?

VeriFacts works diligently to earn and maintain multiple data security certifications. To do so, we are voluntarily and routinely audited by professional third party experts to ensure our ongoing compliance with each standard.

  • SSAE16

  • Federal Information Security Management Act of 2002 (FISMA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA) Safeguards Rule
  • International Organization for Standardization (ISO 27002)
  • Massachusetts 201 CMR 17.00
  • Minnesota Plastic Card Security Act (MN PCA)
  • Nevada NRS 603a
  • Payment Card Industry Data Security Standards (PCI DSS 3.0)

Policies & Procedures

Our team has developed thorough and comprehensive policies and procedures for each data and verification service that we provide.  The VeriFacts leadership team and third-party consultants regularly review our policies with our team and legal counsel, in accordance with evolving regulations to ensure current and accurate compliance with industry standards. 

Regulatory Compliance

VeriFacts takes a conservative approach to regulatory compliance. Our compliance program addresses our requirements as applicable to federal and state regulations including: