Sign in
Open console
Docs/Configure · Compliance/Frameworks
docs · configure · compliance

Frameworks

reference

The compliance frameworks VeriCite maps to, and your coverage.

VeriCite maps its controls to a fixed set of compliance frameworks so you can see, in one place, which ones apply to your workspace and what "coverage" means for each. This page is a reference: it lists every framework VeriCite recognizes and how your plan determines the subset that is available to you.

What coverage means

Coverage describes how VeriCite's data-handling, security, and accessibility controls line up with each compliance framework. It is not a per-workspace certificate you toggle on. Listing a framework here tells you VeriCite's platform is built to map to it; whether it is in scope for your tenant depends on your plan.

Browse-only at the tenant levelFor every tenant role — including Tenant Administrator — this screen is read-only. You can review the frameworks and your coverage, but enabling or disabling a framework and any per-standard configuration are superadmin-only. There is no tenant toggle here, so there is nothing for a tenant role to save.

The seven frameworks

VeriCite recognizes seven compliance frameworks. The Plan column shows which ones are available on all plans and which are Enterprise-only.

FERPAEnterprise
US student education-records framework. VeriCite's data-handling and access controls are built to map to it for workspaces serving education data.
HIPAAEnterprise
US protected-health-information framework. VeriCite's data-handling and security controls are built to map to it for workspaces handling health data.
GDPREnterprise
EU personal-data framework. VeriCite's data-handling and security controls are built to map to it.
COPPAEnterprise
US children's-online-privacy framework. VeriCite's data-handling controls are built to map to it for workspaces serving minors.
SOC 2All plans
Trust-services security and availability framework. VeriCite's platform security and operational controls are built to map to it.
ISO 27001All plans
Information-security management framework. VeriCite's security controls are built to map to it.
WCAG 2.1All plans
Web-accessibility framework. VeriCite's accessibility controls are built to map to it across its surfaces — console, widget, and documentation.
Enterprise-only frameworksFour of the seven — GDPR, HIPAA, FERPA, and COPPA — are available only on Enterprise plans. SOC 2, ISO 27001, and WCAG 2.1 are recognized on all plans.
console.vericite.ai
screenshot — provided as a component
The Frameworks screen under Configure ▸ Compliance, listing all seven frameworks and their coverage

Notes & caveats

  • Tenant-level access is browse-only. Enabling or disabling a framework and editing any per-standard configuration are superadmin-only; no tenant role — Tenant Administrator included — can change these settings from this screen.
  • GDPR, HIPAA, FERPA, and COPPA are Enterprise-only. If you are not on an Enterprise plan, those four will not be in scope for your workspace.
  • ISO 27001 and WCAG 2.1 are part of the recognized set even though they are sometimes overlooked — both appear here and apply on all plans.
  • Listing a framework is not a compliance guarantee. It tells you VeriCite's controls are built to map to that framework; actual availability for your tenant still depends on your plan.
featureData residencyThe region your tenant’s data is stored and processed in.
Was this page helpful?