Security Trust Centre

Escrow London’s commitment to protecting client’s sensitive data is a core activity for our organisation. We ensure compliance with industry best practices as well as international standards for information and cyber security risk mitigation and protection.  

 The key aspects of our security practices are including: 

• Risk management and threat modelling; 
• Regulatory reviews; 
• Certification with ISO/IEC 27001:2022 and ISO/IEC 27017:2015; 
• Ongoing security management of all Escrow London and client environments; 
• Internal audits assessing our processes; 
• Periodic vulnerability assessments (authenticated and non-authenticated); 
• Penetration tests; 
• Cloud accounts security controls reviews; 
• Wide use of cryptography controls in transit and at rest; 
• Business continuity and Disaster recovery planning and testing. 

We operate globally and comply with the following privacy regulations: 

• General Data Protection Regulation (EU) 2016/679 (GDPR) regulates how personal data is collected, stored, and used. Any personal data relating to an identified or identifiable individual, including name, address, email, phone number, health data, financial information, and online identifiers. We ensure we collect and process only the data necessary for the intended purpose and implementation of appropriate technical and organisational measures to protect data from unauthorised access, disclosure, alteration, or destruction.  

• Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects the privacy and security of protected health information (PHI). PHI includes any individually identifiable information related to a person’s past, present, or future physical or mental health condition, treatment, and payment for healthcare services. 

We will gladly share more details under a Non-Disclosure Agreement (NDA) and discuss how we can help in your compliance activities. Please contact our team for more details.