Regulatory Compliance

HIPAA Certified

Ensures the secure handling of Protected Health Information (PHI). Scanned medical records must be encrypted, access-controlled, and managed under strict privacy safeguards to comply with federal healthcare data protection standards.

CJIS Compliance

Required for handling criminal justice data, including fingerprints and case files. Scanning services must use encryption, background-checked staff, and secure systems to protect sensitive law enforcement information.

FERPA Compliance

Protects student education records from unauthorized access or disclosure. Scanned academic documents must be securely digitized, stored, and accessed only by approved educational personnel under federal privacy law.

FISMA Compliance

Federal agencies and their contractors scanning systems must implement NIST-compliant security controls, ongoing monitoring, and risk assessments to protect federal information assets.

NAVY PII Compliance

Regulates the secure handling of Personally Identifiable Information (PII) for Navy personnel. Scanned military records must be encrypted, access-limited, and breach-reportable under Department of Navy privacy protocols.

SOC2 Certified

Verifies that service providers securely manage customer data. Document scanning vendors must meet audit-based standards for security, availability, processing integrity, confidentiality, and privacy of digitized records.

ISO 2700 Certified

Global information security standard for managing risks. Scanning services must implement and maintain a certified Information Security Management System (ISMS) to protect digitized content from threats and breaches.

GDPR Compliance

Required for handling EU citizens’ personal data. Scanning services must obtain valid consent, enforce data rights, ensure secure storage, and process scanned documents in full alignment with EU privacy regulations.

CLETS Compliance

Governs access to California law enforcement systems. Scanning personnel must pass background checks, and scanned records must be securely processed, logged, and accessed only by authorized users per DOJ guidelines.

CADOJ Live Scan Compliance

Covers digital fingerprint submissions and identity verification in California. Scanning providers must follow DOJ submission rules and maintain data security when handling scanned applicant and ID forms.

E-Verify Compliance

Ensures verification of employment eligibility for new hires. Scanning services must digitize I-9 forms and supporting ID documents with accuracy, integrity, and secure storage to meet federal compliance rules.

FINRA Compliance

Applies to firms handling financial transactions and client data. Scanned documents such as reports and disclosures must meet FINRA’s strict retention, supervision, and auditability requirements for regulatory review.

PBSA Compliance

Establishes standards for ethical background screening practices. Scanning providers must ensure secure and accurate digitization of consumer reports, consistent with FCRA and industry-recognized PBSA protocols.

CDIA+ Certified

Recognizes expertise in document imaging and content management. Certified scanning professionals apply industry best practices to capture, convert, and securely store documents for regulatory and operational efficiency.

ECMp Certified

Awarded by AIIM for ECM professionals. Scanning teams with this certification are trained in secure content lifecycle management, ensuring digitized files are properly captured, indexed, stored, and retained.

CaptureP Certified

Demonstrates skill in scanning, indexing, and digital capture processes. CaptureP-certified professionals ensure scanned documents meet quality standards, workflow needs, and data integrity requirements.

FADGI Compliance

Defines quality standards for federal digital imaging. Scanning services must meet FADGI’s technical benchmarks to ensure accurate, consistent, and preservation-ready digital files for government and archival use.

FDA 21 CFR Compliance

Regulates electronic records in FDA-controlled industries. Scanning vendors must ensure digitized documents support validation, audit trails, and secure electronic signatures per FDA compliance requirements.

HITECH Compliance

Enhances HIPAA by mandating breach notifications and stronger EHR security. Scanned health records must be encrypted, monitored, and handled under strict technical safeguards for healthcare data protection.

PCI DSS Compliance

Sets security rules for businesses handling cardholder data. Scanning services must use encryption, restricted access, and validated processes to protect scanned credit card records from fraud and data theft.

DOL ERISA Compliance

Regulates employee benefit plan records under the Department of Labor. Scanning services must ensure plan documents, disclosures, and financial reports are digitized securely and retained per ERISA’s access and audit rules.