Security and compliance—contact center platform

Secure, compliant, reliable.

We’ve got the tools, experts, and technology to help you build a secure contact center you can trust your business with.
View a demo
Try for free
Request a quote
Call center compliance has its benefits.
Decrease risk
By avoiding data breaches and compliance fines.
Stay up and running
With business continuity and disaster recovery plans for your contact center.
Preserve data
With regular backups and data storage options.
Extend your IT team
And eliminate finger-pointing and gotchas by relying on a secure, integrated platform.
Reduce overhead
With managed security, operations, and protection for your contact center.
See what leading call center software can do for you.
Discover how the right suite of tools can deliver better customer experiences across any channel while improving everything from agent performance to data analysis.
Watch demo
See what leading call center software can do for you.
Discover how the right suite of tools can deliver better customer experiences across any channel while improving everything from agent performance to data analysis.
Watch demo

Leave security and compliance to the experts.

The NICE Trust Office is an organization of cloud security experts, tools and processes that provide superior security, compliance and reliability by safeguarding contact centers. The result: your critical company data stays safe, and you get system-wide availability.

The Trust Office drives security across CXone through a meet-and-exceed approach to audits for FedRAMP, PCI DSS, HITRUST, SOC2, GDPR and more. The platform is rigorously tested though regular penetration and intrusion detection exercises, all proactively monitored by two NOCs on a 24/7/365 basis, allowing for 99.99% guaranteed platform uptime, including maintenance windows.
Security comes standard.
NICE is committed to maintaining compliance standards for customer privacy and information security. If you’re looking for a robust set of standards, you’ve come to the right place.
Get the datasheet
man with laptop
“Trust is the first ingredient of any sale. NICE CXone has the rich features, the reporting and technology we need, but what made the big difference was trust. I trust their business. I trust their platform. I trust the NICE organization and infrastructure supporting it all.”
Marion Timpson
Chief Operating Officer PlusOne Company
Less risk. More reward.
Defend your critical data
Our high-security cloud environment protects your data and operations with a rigorous security architecture.
Rely on 99.99% uptime
With built-in disaster recovery and guaranteed uptime, you’ll never lose a call or interaction due to an outage.
Your compliance goals, achieved
Take a security-driven approach to your compliance, implementing required standards to build confidence from your customers.
Get the datasheet
Don’t just meet your compliance needs. Exceed them.
FEDRAMP
The FedRAMP program adheres to the National Institute of Standards and Technology (NIST) Special Publication 800-53 baseline security controls that allows for the processing of data across U.S. Federal Government entities. NICE helps agencies migrate from legacy systems to our resilient, compliant, and secure CXone platform. NICE is the only cloud contact center provider given Authorization to Operate (ATO) in a FedRAMP environment.
PCI DSS Level I and II
The Payment Card Industry Data Security Standard (PCI DSS) assesses the security and data privacy of cardholder data traversing across information systems. We help contact centers adhere to approved controls while taking our responsibility to protecting sensitive customer cardholder data seriously.
CPNI
We comply fully with the Federal Communications Commission in protecting Customer Proprietary Network Information (CPNI). Your customer’s information call types are securely stored and continuously monitored. We’re also rock-solid in our commitment to never sell, lend, or license CPNI data to a third-party.
AICPA SOC 2 Type 2 + HiTRUST
We’re committed to System and Organizational Controls (SOC) Type 2 that measures how well a given service organization conducts and regulates its data and organizational security programs. We’re also adhering to the supplemental Health Information Trust (HITRUST). Both ensure that we’re processing sensitive protected health information (PHI) in accordance with the HITRUST Common Security Framework mapped with the AICPA’s Trust Services Criteria.
GDPR
The Global Data Protection Regulation (GDPR) aims to protect all European Union citizens from privacy and data breaches. As a data processor acting and serving our customers as data controllers, we place an extreme high importance of ensuring all GDPR Articles are enforced and audited by offering security features to use our contact center services to better protect data this is most sensitive.
IRAP
NICE is fully accredited through the Information Security Registered Assessors Program (IRAP), which is an Australian Signals Directorate (ASD) initiative to provide high-quality information and communications technology (ICT) security assessment services to the Australian government. The NICE IRAP compliance procedure has been performed by an independent IRAP assessor and ensures that the platform protects the Australian government’s data from access, abuse and disclosure when leveraging cloud contact center services.
Cyber Essentials
Cyber Essentials is an information assurance protocol operated by the United Kingdom’s National Cyber Security Centre (NCSC) that ensures information risk management by using an assurance framework and set of security controls to indicate an organization’s ability to protect its customers’ data from threats coming from the Internet. NICE has received the Cyber Essentials Certificate of Assurance following an independent assessment of its infrastructure and technical controls, such as boundary firewalls and gateways, secure configuration, access control, malware protection and patch management.
CCPA
The California Consumers Protection Act (CCPA) was designed to enhance data privacy for residents of California by disclosing customer information handling as it pertains to individual data verification, opt-out procedures and general overviews of selling customer information, and methods of requests submission criteria. We value the importance of customer data privacy by offering CCPA-compliant based controls.
SOX
Publicly traded under NICE Ltd. (NASDAQ: NICE), we annually undergo SOX auditing to protect shareholders of the company and the general public from any accounting errors or fraudulent practices and to improve the accuracy of our corporate disclosures. We fully comply with SOX electronic record rules and security controls to address data storage and processing flows for compliant data handling.
Section 508
We support and fully comply with Section 508 of the Rehabilitation Act of 1973, requiring all federal agencies to make information technology accessible with disabilities. In demonstrating our compliance, we will offer a completed Voluntary Product Accessibility Template (VPAT) upon request.
HIPAA
We follow the privacy and security protections under HIPAA and the Health Information Technology for Economic Clinical Health (“HITECH”) Act. For covered entities and business associates subject to HIPAA, NICE offers solutions for processing, transmitting, and storing protected health information (“PHI”). Upon request, NICE will sign a business associate agreement (“BAA”).
AICPA SOC 2 Type 2 + HiTRUST
We adhere to the Telephone Consumer Protection Act (TCPA) and the STIR/SHAKEN Protocol, designed to combat robocalls by requiring grading call integrity before it hits the public internet or PSTN. NICE offers full A-level attestation for calls originating from our platform, before they even reach the carrier. This means that all CXone calls have the thumbs-up to travel to your customers.
Contact us

If you would like to know more about our platform or just have additional questions about our products or services, please submit the contact form. For general questions or customer support please visit our Contact us page.

White Papers

Cloud Contact Center Security: Questions You Must Ask

To trust your contact center in the cloud, you need a provider that meets the highest security standards. Ask these questions to evaluate security, reliability, and performance for your cloud contact center.

Download PDF
Customer Stories

Business Continuity during a pandemic

Calls to 211 LA’s disaster hotline escalated dramatically during the COVID-19 pandemic. 211 LA turned to Expivia, a BPO using CXone, which enabled both organizations to quickly transition their agents to working from home.

Read case study
Datasheets

NICE CXone Disaster Recovery Capabilities

NICE CXone provides enterprise level failover and redundancy capabilities to keep your business going, along with scalability features to allow quick response to any situation.

Get the datasheet
Resource Library
We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Privacy Policy
Ok
Also of Interest