Demonstrating high security and privacy standards
It is our responsibility to protect our clients’ data vigilantly and in accordance with global data privacy and security standards. Our certifications demonstrate our commitment to high standards in security and data privacy.
Certifications and other resources for clients
ISO 27001 (Information security, cybersecurity, and privacy protection)
This certification demonstrates that an external independent audit has established that Anthology’s information security system is comprehensive and meets the globally recognized ISO/IEC standards.
Products: Blackboard Learn SaaS and SafeAssign, CampusNexus CRM, Anthology Ally, Anthology Encompass, Anthology Engage, Anthology Finance & HCM, Anthology Illuminate, Anthology Occupation Insight, Anthology Reach, Anthology Student, Anthology Student Verification
Download the certificate (PDF)
ISO 27017 (Information security for cloud services)
This certification demonstrates that an external independent audit has established that Anthology’s information security system meets additional ISO/IEC standards regarding the security of cloud services.
Products: Blackboard Learn SaaS and SafeAssign, CampusNexus CRM, Anthology Ally, Anthology Encompass, Anthology Engage, Anthology Finance & HCM, Anthology Illuminate, Anthology Occupation Insight, Anthology Reach, Anthology Student, Anthology Student Verification
Download the certificate (PDF)
ISO 27018 (Protecting personal information in the cloud)
This certification demonstrates that an external independent audit has established that Anthology’s information security system meets additional ISO/IEC standards regarding the protection of personal information as a cloud service provider.
Products: Blackboard Learn SaaS and SafeAssign, CampusNexus CRM, Anthology Ally, Anthology Encompass, Anthology Engage, Anthology Finance & HCM, Anthology Illuminate, Anthology Occupation Insight, Anthology Reach, Anthology Student, Anthology Student Verification
Download the certificate (PDF)
ISO 27701 (Privacy information management system)
This certification demonstrates that that an external independent audit has established Anthology’s privacy information system is comprehensive and meets the globally recognized ISO/IEC standards regarding the use of personal information as a processor.
Products: Blackboard Learn SaaS and SafeAssign, CampusNexus CRM, Anthology Ally, Anthology Encompass, Anthology Engage, Anthology Finance & HCM, Anthology Illuminate, Anthology Occupation Insight, Anthology Reach, Anthology Student, Anthology Student Verification
Download the certificate (PDF)
SOC 1 (Independent report on controls relevant to financial reporting)
The SOC 1 report is an independent examination of Anthology’s internal control environment that may be relevant to our clients’ internal controls over financial reporting and is performed by a licensed third-party auditor.
Products: Anthology Student
SOC 1 reports can be requested through your account representative or client experience manager.
SOC 2 (Independent security assessment report)
The SOC 2 report is an independent examination of Anthology’s control environment regarding data security and is performed by a licensed third-party auditor.
Products: Blackboard Learn SaaS, Anthology Reach, Anthology Student
SOC 2 reports can be requested through your account representative or client experience manager.
PCI DSS – Level 1 (Security for credit card data)
Anthology’s compliance with the Payment Card Industry Data Security Standard (PCI DSS), an information security standard for protecting credit card data, is validated by an external auditor (Qualified Security Assessor) at the most stringent level of assessment. Anthology is part of the Visa Global Registry of Service Providers.
Products: Anthology Encompass
More information about our PCI DSS compliance can be requested through your account representative or client experience manager.
FedRAMP Moderate (U.S. Government security standard)
FedRAMP Moderate authorization is awarded by the U.S. Government to applications that meet the high security requirements and processes that cloud service providers must follow in order for the government to use their service.
Products: Blackboard Learn SaaS (GovCloud)
More information about our FedRAMP Moderate authorization can be requested through your account representative or client experience manager.
EU-U.S. Data Privacy Framework (Protecting EU personal information)
Anthology’s participation in the EU-U.S. Data Privacy Framework (DPF) demonstrates Anthology’s commitment to protecting EU personal information when transferred/accessed outside of the EU/EEA.
Products: All products
More information is available in our DPF Statement and in the DPF register.
Student Privacy Pledge (Safeguarding K-12 personal information)
Anthology is a signatory of the Student Privacy Pledge 2020, which commits Anthology to principles on the safeguarding and use of personal information of U.S. K-12 students.
Products: All products
More information is available on the Student Privacy Pledge website.
Higher Education Community Vendor Assessment Toolkit (HECVATs)
Anthology has completed and maintains the Higher Education Community Vendor Assessment Toolkit (HECVAT) with detailed information about security controls for its products.
Products: All products
HECVATs are product-specific and can be requested through your account representative or client experience manager.
More information on the HECVAT is available at the EDUCAUSE website.
Last Updated: January 29, 2024