Signority Compliance Overview
Helping our customers with compliance with our technologies and solutions
Our compliance commitment
Signority is frequently asked if our Signority eSignature Platform is “compliant” or “certified” with specific legislation and associated regulations. It is important to understand that currently there are no legislative programs to assess technology solutions’ third-party compliance with legislation or regulations or to provide certification.
Customers are always in control of how they create, manage and access their content stored within the Signority eSignature Platform. Signority does not maintain detailed visibility into or knowledge of what its customers are uploading, including whether or not that data is subject to certain legislation or regulation, and overall customers are responsible for ensuring their own compliance.
Signority Inc. maintains compliance with applicable federal Personal Information Protection and Electronic Documents Act (PIPEDA) and industry standards including Payment Card Industry Data Security Standard (PCI DSS).
The Signority eSignature Platform (SeSP) through the security and privacy controls and practices, as well as electronic signing controls and practices that it has implemented is compliant with all relative privacy protection legislation, as well as electronic signing controls and practices that it has implemented. This includes compliance with PIPEDA, provincial privacy protection legislation, provincial health information protection legislation, provincial ecommerce and esigning legislation and other related legislation such as Ontario’s Child, Youth and Family Services Act (CYFSA), 2017.
Signority uses Amazon Web Services (AWS) data center services to host the Signority eSignature Platform. AWS is compliant with and has ISO 27001, ISO 27017, ISO 27018, HIPAA, SOC 1/ISAE 3402, SOC 2, SOC 3, CSA Star Level 1, 2 and 3, FISMA, DIACAP, and FedRAMP security framework certifications.
We also ensure that our Signority eSignature Platform is protected through the application of appropriate people, process, and technology safeguards, to support our customers in remaining compliant with their own federal, provincial, and state level data protection laws and health information protection laws, when using our eSignature Platform.
Customers should consult their own legal advisors to understand the laws to which they are subject to.