Leading the Way in Security & Corporate Compliance
Data protection, data breaches, data loss, account hijacking, unsecured APIs, denial of service, and malicious insiders are at the top of our list of concerns, and we prioritize efforts to mitigate those risks. We support corporate compliance at every step of the process, including our secure system of electronic records management.
List of DOMA Compliance
SOC 2 Compliance
Our company is SOC 2 compliant, demonstrating our commitment to securing and protecting customer data through strict industry standards for security, availability, processing integrity, confidentiality, and privacy.
Department of Defense SRG Levels 2 & 4
Being compliant with the Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) allows DOMA to serve DoD customers.
AWS Partner Advanced Tier Services
DOMA’s infrastructure is located within Amazon Web Services’ (AWS) highly secure environment. Amazon Web Services provides an additional layer of security to everything DOMA has already achieved.
PCI DSS Level 1
Compliant with PCI DSS (Payment Card Industry Data Security Standard), ensuring that credit card information is maintained in a secure environment.
GLBA
Compliant with the GLBA standards for protecting the privacy of a customer’s financial information through data encryption before transmission, during transmission, and while at rest. This also covers protection of data from physical hazards and unauthorized access.
SOX
Compliant with the Sarbanes-Oxley Act, ensuring that stored information cannot be tampered with (altered) by any employee. All data is encrypted with AES encryption prior to transmission and while it resides within the data center.
GDPR
DOMA is GDPR (General Data Protection Regulation) compliance ready.
GDPR's parameters for data protection mean people have more control over their personal data and businesses are put on a level playing field,
CCPA
Per the California Consumer Privacy Act of 2018 (CCPA), we are the processor of your data and as such are prepared to support you, our customer, in meeting the requirements of the CCPA.
ISO/IEC 27001 & 27017
International Organization for Standardization certified for Information Security Management 27001 & Cloud Security Management Certified 27017
FISMA
Compliant with FISMA (Federal Information Security Management Act), a federal law requiring an information security and protection program.
FIPS 140-2
Compliant with FIPS 140-2 (Federal Information Processing Standard), a government-approved cryptographic computer security standard.
Virginia Values Veterans V3 Program
DOMA is Virginia Values Veterans V3 Program Certified and has demonstrated to the Commonwealth that it values Veterans and has made a public commitment to hire Veterans into its workforce.
HIPAA
DOMA is compliant with the HIPAA regulation (Health Insurance Portability and Accountability Act of 1996), protecting private health information records.