LivePerson’s Conversational Cloud offers unmatched enterprise-grade security. Our applications, infrastructure, and policies have been vetted by advanced security teams at our Fortune 500 customers and reflect 20+ years of industry leadership in data and systems security.
We meet the most relevant international security and privacy standards.
SSAE 18 SOC2+HIPAA (formerly SAS70)
We conduct yearly data center audits and our reporting is compliant with the American Institute of Certified Public Accountants (AICPA).
ISO 27001
Our Information Security Management System is certified for ISO compliance.
Learn more
PCI DSS 3.2.1
We handle payment data and secure transactions in compliance with Payment Card Industry Data Security Standards 3.2.1.
GDPR
Our data and privacy policies are in full compliance with EU General Data Protection Regulation.
Learn more
SOX
Our finance and security operations are compliant with all Sarbanes-Oxley requirements.
HIPAA via Business Associate Agreement (BAA)
LivePerson executes BAAs with HIPAA-covered entities to certify PHI protections.
HITRUST CSF® v9.3
LivePerson is HITRUST CSF® v9.3 certified to ensure robust security protection for our customers, including HIPAA-covered entities.
We use the most current in-transit and at-rest encryption, along with optional AES and sensitive data masking. Our application security and customer controlled policies offer full visibility and logs to users and make it easy to customize user permissions and access.
LivePerson adheres to a comprehensive Secure Software Development Life Cycle that includes the following:
Our security team is actively involved in design for all major projects.
We conduct routine OWASP and automated scans in our systems.
We conduct regular vulnerability scanning and third-party assessments.
We issue third-party training in secure coding and ethical hacking for our R&D and QA teams.