Maintaining Compliance with Rhombus
The Rhombus video security platform is designed to make maintaining compliance simple for your organization.
With automatic updates and strict cybersecurity protocols, you’re always up to date with critical security, data privacy, and compliance standards.

National Defense Authorization Act (NDAA)

House Resolution 5515, better known as the John S. McCain National Defense Authorization Act (NDAA), was signed into law in 2018. The NDAA bans U.S. government agencies, contractors, and grant or loan recipients from using products manufactured by certain companies, primarily due to cybersecurity concerns.

Rhombus cameras are fully NDAA-compliant and made with high-quality components from whitelisted vendors.


Service Organization Control 2 (SOC 2)

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is a set of information security policies and procedures specifically created for service providers that store customer data in the cloud.

Rhombus uses SOC 2 Type II certified data centers to protect customer data following the strictest standards.


California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) is a consumer privacy law passed in 2018. Under the CCPA, companies must notify users if they intend to monetize their data and provide the right to opt out of that monetization.

Rhombus provides easy-to-use tools to aid compliance with the CCPA, including customer reports and customer data purges.


Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) was created to modernize the flow of healthcare information and specifies requirements to protect the Personal Health Information (PHI; also referred to as PII or Personally Identifiable Information) of patients.

Rhombus devices improve HIPAA compliance by documenting and protecting PHI access.


General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a set of data privacy laws passed in the European Union in 2018. These regulations guide how organizations handle the personal data of the end-users that interact with them.

Rhombus has experience with GDPR deployments and data processing agreements so that companies stay in full compliance.


Payment Card Industry Compliance (PCI)

Payment Card Industry Compliance (PCI) is a set of security standards that any company that accepts or produces credit cards must follow.

Rhombus helps organizations meet PCI standards by protecting cardholder data and sensitive authentication data.


Biometric Information Privacy Act (BIPA)

The Biometric Information Privacy Act (BIPA) is a law passed in several U.S. states that pertains to the collection and storage of biometric information such as fingerprints, voiceprints, and scans of hand or face geometry.

The Rhombus platform includes flexible AI settings that allow companies to enable or disable biometric data such as facial recognition as needed to comply with BIPA.