Oximy

Enterprise-Grade Security

Your data is in safe hands

SOC 2 certified. HIPAA and GDPR compliant. Your data is never used to train models.

SOC 2 Type I
HIPAA Compliant
GDPR Ready

Certifications

Independently verified

Certified

SOC 2 Type I

Independently audited for security, availability, and confidentiality. Type II underway.

Compliant

HIPAA

Compliant with healthcare data protection requirements. BAAs available for enterprise.

Compliant

GDPR

Full compliance with EU data protection regulations. DPAs available on request.

Security

Built for security from day one

Data Encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256).

Flexible Hosting

US-based, EU-based, or fully on-premises deployment.

No Model Training

Your data is never used to train AI models. Contractually guaranteed.

SSO & Access Control

SAML 2.0 and OIDC. Fine-grained role-based access control.

Audit Logs

Every action logged and traceable. Full visibility for compliance reviews.

Penetration Testing

Annual pen tests by top-tier security firms across the full platform.

Zero Trust Architecture

Access is always verified, limited, and logged. No implicit trust.

Data Retention Policies

Configurable retention periods aligned with your policies and regulations.

Frameworks

Aligned with major AI security frameworks

OWASP LLM Top 10

Protection against all 10 critical LLM vulnerabilities

NIST AI RMF

Aligned with the NIST AI Risk Management Framework

ISO 42001

AI management system standards alignment

MITRE ATLAS

Defense against adversarial AI attack techniques

AIUC-1

AI User Controls standard compliance

EU AI Act

Ready for European AI regulatory requirements

FAQs

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. BYOK (bring your own key) is available for customers who need additional control.


Serious about security?

See how Oximy protects your AI systems while maintaining SOC 2, HIPAA, and GDPR compliance.
