Trust Office

Our Trust Office: Guardians of Your Contact Center

When you move your contact center to the cloud, trust becomes a big deal. The experts in our Trust Office make sure your important data is safe, your system is always available, and it runs at top speed.

Think of our team as the behind-the-scenes guardians for your contact center.  They use their deep experience in securing, building, and optimizing networks to take care of the complex (and somewhat mundane) details so you don’t have to.

Our Trust Office makes sure your inContact environment has:

  • High service reliability. Count on 99.99% uptime from our systems and infrastructure. 
  • Iron-clad security. Only the highest security standards are good enough to protect your critical business data.  
  • Fast, scalable performance.  Our network’s speedy performance can satisfy your contact center’s changing and growing demands. 

Industry Certifications

inContact maintains various industry certifications to assist customers in verifying security policies and processes. We’ve been assessed and validated for the following industry certifications:


inContact offers a Payment Card Industry (“PCI”) Level 1 compliant environment under the Payment Card Industry Data Security Standards (“PCI DSS”) that has been validated by an experienced Qualified Security Assessor (“QSA”) from The Cadence Group. This is a key assurance instrument inContact provides as customers evaluate the strength of our security, performance, and reliability practices.

PCI compliance refers to implementing and adhering to the PCI DSS defined by the PCI Security Standards Council. Businesses that store, process, or transmit payment card information are required to report PCI compliance. The level of PCI compliance for each business is determined by how the card data is handled and by the number of electronic credit card transactions processed each year.

Our PCI compliant environments emphasize our commitment to information and data security at every level. Offering deployment in a PCI compliant environment makes it easier for our customers to implement PCI DSS compliant solutions according to their needs. Customers are responsible to obtain and maintain their own PCI certification.


inContact publishes an annual Service Organization Controls 2 (“SOC 2”) type 2 report, also referred to as an AT 101 report. The inContact SOC 2 report is an attestation report that validates the effectiveness of our operating controls as a service organization to the criteria set forth by the American Institute of Certified Public Accountants (“AICPA”) Trust Services Principles. Our SOC 2 report is available upon request.


inContact, as a publicly traded company, annually evaluates and reviews our information technology and administrative controls related to financial reporting. This audit is performed by our internal audit department and by an external auditor, Deloitte. Our annual report is available on our website under Investor Relations.


inContact complies with all Federal Communications Commission (“FCC”) regulations including protecting Customer Proprietary Network Information (“CPNI”) which is data we obtain in the normal course of providing customers with telecom services. This type information includes where, when, and whom you call and the types of service offerings and products you obtain from us.

Under the FCC guidelines, we store all customer data in a secure, monitored database. inContact will not sell, lend, or license CPNI information to a third-party. Third-party contractors must sign a Non-Disclosure Agreement and cannot improperly use CPNI. Our employees are trained annually on CPNI and must adhere to security checks and CPNI policies. To view our CPNI certification, please click here.

Safe Harbor

As a Safe Harbor partner, inContact uses the proper policies (privacy, network and computer security, hosting, and change management) and controls to ensure storage and transmission of customer information internationally is secure according to country regulations and industry best practices such as PCI, Safe Harbor, and SOX Section 404 standards. inContact also completes an annual audit of compliance. To find more information about what is covered under our Safe Harbor certification, please click here.

Other Industry Standards

Although some industry standards may not apply directly to inContact, we take our customers’ compliance needs seriously. Standards such as the Health Insurance Portability and Accountability Act of 1996, Gramm–Leach–Bliley Act (“GLBA”), Dodd–Frank Wall Street Reform and Consumer Protection Act (“Dodd Frank”), and Federal Deposit Insurance Corporation (“FDIC”) are similar and closely related to requirements for PCI, SOX, and SOC. We help our customers design solutions that ensure compliance with the industry standards most important to their business needs.


When a HIPAA compliant solution is requested, the resulting discussion centers around privacy and security protections under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic Clinical Health (“HITECT”) Act.

For covered entities and business associates subject to HIPAA, inContact offers solutions for processing, transmitting, and storing protected health information (“PHI”). Upon request, inContact will sign a business associate agreement (“BAA”) according to the services inContact provides our customers. 

Section 508/VPAT

Section 508 of the Rehabilitation Act of 1973 requires all federal agencies to make information technology accessible to people with disabilities. In order to demonstrate Section 508 compliance, the product or service will have a completed Voluntary Product Accessibility Template (“VPAT”). Upon request, inContact offers available VPATs.

For more information, please contact a representative at 866.965.7227 or

What Our Customers Say

“Trust is the first ingredient of any sale. inContact has the rich features, the reporting and technology we need, but what made the big difference was trust. I trust their business. I trust their platform. I trust the inContact organization and infrastructure supporting it all.”
Marion Timpson, Chief Operating Officer
PlusOne Company

inContact and the Cloud Security Alliance

The Cloud Security Alliance (CSA) logo is the mark of elite companies that have demonstrated their knowledge of the cloud and how to secure it.

Recent Accolades

  • 2017 DMG Customer Satisfaction Leader
  • 2017 Big Innovation Leader
  • 2016 Market Leader by Frost & Sullivan
  • 2016 Gartner Magic Quadrant 'Leader'
  • 2016 PACE Vendor of Excellence Award
inContact & AICPA