Collabware Compliance Certifications
Rest assured we have taken the steps to verify our products meet regulatory guidelines.
Collabware invests heavily into product innovation and advancing EDRMS practices. Our products undergo continual testing and remain accredited to these international records management standards.
Contact our sales team for guidance on whether these regulations are mandatory for your industry.
U.S. Department of Defense (DoD) Directive 5015.2 sets requirements for mandatory baseline functionality of Records Management Application (RMA) software. It defines required system interfaces and search criteria; and outlines the minimum records management conditions that must be met based on current National Archives and Records Administration (NARA) regulations. While generated by the U.S. entity, this testing standard is recognized by many international organizations worldwide.
Collabware DoD 5015.2 Register
Collabware is regularly tested and certified by Microsoft to validate that our software products follow stringent coding principles and integrate seamlessly with Microsoft technologies. Microsoft also holds Collabware accountable to ensure our software delivery is fully compatible and trustworthy.
As a Gold ISV Partner (Independent Software Vendor), we have met the highest criteria for all program requirements.
Microsoft is redefining enterprise content management (ECM) with modern, end-to-end software and services to connect entire workplaces and enable intelligent content management.
As a charter member of the preferred content services program, Microsoft has validated our work as a top-tier system integrator that can address high-impact scenarios and workloads including: advisory/implementation, migration, capture, workflows, records management and compliance.
Collabspace is built on Microsoft Azure (and available in Azure Government Cloud for government agencies) and these cloud environments meet the demanding requirements of FedRAMP High. The FedRAMP program was created to provide a standardized approach for assessing, monitoring, and authorizing cloud computing products and services to federal agencies, and to accelerate the adoption of secure cloud solutions by federal agencies.
Cloud service providers demonstrate FedRAMP compliance through an Authority to Operate (ATO) or a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB). FedRAMP authorizations are granted at three impact levels based on NIST guideline slow, medium, and high.
The Sarbanes-Oxley Act of 2002 (SarbOx or SOX) is also known in the U.S. Senate as the "Public Company Accounting Reform and Investor Protection Act," and in the U.S House of Representatives as the "Corporate and Auditing Accountability, Responsibility, and Transparency Act." This legislation protects the public from accounting errors and fraud, and holds firms responsible for the accuracy of corporate disclosures.
MoReq2010® outlines the essential elements that a records system should have to ensure that records are properly managed, can be accessed at all times, are retained for as long as they are needed and are properly disposed of once the obligatory retention period has expired. An organization which implements a records system based on the requirements of MoReq2010® can be assured that its records will be properly managed.
MoReq2010® defines the core functionality required of a records system whether it is deployed into a public body, private organisation, or even the third sector. MoReq2010® is a modular specification, which means that the specification can be extended to allow for specialized application in different jurisdictions, markets and industry sectors. Organizations using it can incorporate policies and regulatory requirements relevant to their business sector.
NARA is the U.S. National Archives and Records Administration who dictate their digital records transformation targets for government agencies. They are leading the way in the next generation of federal records management compliance. Software must meet all the standards of the NARA Code of Federal Regulations 36 CFR Chapter 12 or have NARA-approved waiver from one or more specific standards in those sections. Presidential Mandate M-12-18 via NARA dictates that all public sector records must be managed electronically by December 2019. And by 2022, NARA will no longer intake any records for archive in physical format, including legacy items.
The Code of Federal Regulations (CFR) is a codification of the general and permanent rules published in the Federal Register by Executive departments and agencies of the Federal Government. Part 11 applies to electronic records and electronic signatures that persons create, modify, maintain, archive, retrieve, or transmit under any records or signature requirement set forth in the Federal Food, Drug, and Cosmetic Act, the Public Health Service Act, or any FDA regulation.
It dictates that open computer systems must have controls to ensure all records are authentic, incorruptible and confidential where needed. Closed computer systems must have a collection of procedural and technological controls in place to protect data within.
A GSA Schedule Contract, also known as the federal supply or multiple award schedule, allows government agencies to purchase from Collabware with pre-negotiated pricing, terms & conditions that help simplify and accelerate the sales process. This program ensures any vendor given GSA approval will provide full transparency, efficiency and flexibility in the selection process during software procurement.
Federal agencies must make their electronic and information technology (EIT) accessible to people with disabilities, so Section 508 Standards applies to electronic and information technology procured by the federal government, including computer hardware and software, websites, phone systems, and copiers. The Section 508 Standards contain technical criteria specific to various types of technologies and performance-based requirements which focus on functional capabilities of covered products. Specific criteria cover software applications and operating systems, web-based information and applications, computers, telecommunications products, video and multi-media, and self-contained closed products
The World Wide Web Consortium (W3C) is an international community that develops open standards to ensure the long-term growth of the Web. W3C operates under a Code of Ethics and Professional Conduct. The International agency standardizes strategies, standards and resources to make the Web accessible to people with disabilities. Web Content Accessibility Guidelines (WCAG) 2 is designed to be a stable, referenceable technical standard.
Set by the Canadian General Standards Board’s Committee on Electronic Records and Image Management, CAN/CGSB-72.34 specifies principles, methods, and practices for the creation (i.e. making, receipt, and capture) and management of all forms of electronic records (e.g. e-mail, cartographic, audio-visual, textual, multimedia, etc.) to support their admissibility (see 3.5 and 3.6) and weight (see 3.74) as evidence in legal proceedings. An organization may be required to produce electronic records as evidence in legal proceedings. To support the admissibility and weight of electronic records as documentary evidence, the organization needs to ensure that these records can be proven or presumed to be reliable, accurate, and authentic, meaning trustworthy.
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. It can be broken into two parts. One is the Privacy Rule, or Standards for Privacy of Individually Identifiable Health Information. This part establishes national standards for the protection of certain health information. The other is the Security Rule for the Protection of Electronic Protected Health Information to establish a national set of security standards for protecting certain health information that is held or transferred in electronic form.