Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages

Ask a question or schedule a demo:

CORPORATE COMPLIANCE

Leading the Way in

SECURITY AND COMPLIANCE

At DOMA our team is constantly in risk assessment mode.

Data protection, data breaches, data loss, account hijacking, unsecured APIs, denial of service, and malicious insiders are at the top of our list of concerns and we prioritize efforts to mitigate those risks. We support corporate compliance every step of the process including our secure system of electronic records management.

We implement security and compliance measures across DOMA's secure document management system:

At DOMA all of our employees go through cyber security training to enforce company-wide security and compliance

  • Initial Cyber Security Training occurs for all employees during the onboarding process. Including:
    • HIPAA
    • PII
    • PHI
    • Cyber Security Best Practices
    • Password Security
    • Facility Security
  • Training is role-based
    • Developers go through OWASP and other specialized programming security training
    • IT Administrative Professionals go through additional training to understand best practices for protecting upper-level systems.
  • Training is repeated by each employee in 12-month cycles,

We ensure your documents are carefully tracked and your information never falls into the wrong hands.

Here of some of the security steps, we take during the Digital Conversion/Document Scanning process to protect records from your business:

  • Records are transported in our GPS monitored, speed tracked, and secure DOMA vehicles. These vehicles make no stops from your facility to a Secure DOMA Facility.
  • DOMA Facilities are secured at every entry point with access only to authorized personnel.
  • We follow the HIPAA Regulations for safeguarding Protected Health Information (PHI) and Personal Identifiable Information (PII).
  •  Within the DOMA Secure Facility access to Document, Conversion Rooms are restricted, requiring key-card entry.  In our Secure Document Conversion Rooms, cell phones and all other forms of recording devices are prohibited, further protecting PII and PHI.

 

When the conversion is finished there are 3 options for the safe disposal or return of converted documents:

  1. The destruction of all converted documents on-site, including a Destruction Certificate
  2. The secure return of all documents to your organization’s facility
  3. Long-term storage in a protected facility

Our cloud services make engaging with your content easy while adhering to the highest standards of data protection.

All processing takes place within Amazon Web Services’ (AWS) highly secure environment:

  • DOMA’s security best practices incorporate AWS’s IT infrastructure. AWS augments our compliance with a variety of IT security standards:
    • SOC1 / SOC2/ SOC3
    • FISMA / FedRAMP / DodSRG Levels 2 and 4 / FIPS 140-2
    • PCI DSS Level 1
    • ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018
      ITAR
  • AWS is a secure environment that meets HIPAA compliance.
  • Being compliant with The Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) allows DOMA to serve DoD customers on the Cloud.
Compliance

HIPAA | FISMA | PCI DSS Level 1 | FIPS 140-2 | ISO 9001:2015 | GDPR | CCPA | SOX | GBLA | AWS Partner | Microsoft Gold Partner

Our software is designed to keep you in full control of how your data is accessed.

Simplify records management and safeguard your records with our Secure Document Management Software.

Our DX Software is designed with your security needs in mind:

  • Customize User Access- Effectively implement Granular Access Controls by creating different user levels of access and delegate privileges for each level. 
  • Simplified Auditing- Set up reports/audits to keep track of organization-wide activity such as:
    • Audit User Actions
    • Track System login/logout
    • Track Document Creation/Editing
    • Track User Creation
  • Audit logs cannot be altered, thus offering increased security.
  • Our DX Software is encrypted during transmission and at rest.
  • The software can be restricted to a white-listed group of IPs if desired.
  • Apply digital signatures as a certificate to authenticate your documents.
  • The DOMA Development Team continuously monitors our DX Software for security vulnerabilities.
  • Our DX Software is hosted in the highly secure AWS Cloud, 

List of DOMA Compliance

Increase regulatory compliance, data security, and improve business operations.

DOD Seal

DoD SRG levels 2 &4

Being compliant with The Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) allows DOMA to serve DoD customers.

HIPAA Compliance Logo

HIPAA

DOMA is compliant with HIPAA regulation (Health Insurance Portability and Accountability Act of 1996) protecting private health information records.

FISMA Compliance Logo

FISMA

Compliant with FISMA (Federal Information Security Management Act), a federal law requiring an information security and protection program.

PCI DSS Compliant Logo

PCI DSS LEVEL 1​

Compliant with PCI DSS (Payment Card Industry Data Security Standard ensuring that credit card information is maintained in a secure environment.

FIPS Logo

FIPS 140-2​

Compliant with FIPS 140-2 (Federal Information Processing Standard), a government-approved cryptographic computer security standard.

ISO Certification Logo

ISO 9001:2015

Certified in International Organization for Standardization 9001, Quality Management Systems.

GDPR Logo

GDPR

DOMA is (General Data Protection Regulation) GDPR Compliance ready.
GDPRS's parameters for data protection mean people have more control over their personal data and businesses are put on a level playing field,

Cox Compliance Logo

SOX

Compliant with Sarbanes-Oxley Act ensuring that information stored cannot be tampered with (altered) by any employee. All data is encrypted with AES encryption prior to transmission and while it resides within the data center.

Gramm Leach Bliley Act Compliant Logo

GLBA​

Compliant with the Graham Leach Bliley Act’s standards for protecting the privacy of a customer’s financial information through data encryption before transmission, during transmission and while at rest. As well as protection of data from physical hazards and unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.

CCPA Compliance

CCPA

Per the California Consumer Privacy Act of 2018 (CCPA), we are the processor of your data and as such are prepared to support the you, our customer, in meeting the requirements of the CCPA.

AWS

DOMA’s infrastructure is located within Amazon Web Services’ (AWS) highly secure environment. The AWS IT infrastructure provides to DOMA security best practices and a variety of IT security standards, including:​

  • SOC1 / SOC2/ SOC3
  • FISMA / FedRAMP / DodSRG Levels 2 and 4 / FIPS 140-2
  • PCI DSS Level 1
  • ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018 ITAR
Microsoft Gold Partner Logo

Microsoft Gold Partner

DOMA is a Microsoft Gold Partner with a competency in Windows and Devices. The Windows and Devices competency demonstrates a specialization in providing advice and services to help customers best leverage their Windows 10 hardware.

MEET OUR
COMPLIANCE ANALYST

Marti Jones, CISA, is our

Compliance Analyst and Privacy Officer

Play Video

Read our most recent
Compliance Blog

About Us

Work smarter and automate your processes with DOMA ‘s DX Software. Powered by Amazon Web Services (AWS) our platform makes it easy to create, collaborate, share, automate, and transform the way you manage your data.
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages

Get in Touch

841 Seahawk Circle
Virginia Beach, VA

© DOMA Technologies - All Rights Reserved