Resources

Knowledge Base

Is UiPath HIPAA and FIPS compliant?

 

We are HIPAA compliant - we do not store patient or customer information (credit card number, SSN, etc).

Our server platform (where credentials are stored encrypted in a database using Application Level encryption) is FIPS compliant.

We use the AES_CBC_256 encryption algorithm.
We do not offer at this time integration with a 3rd party Identity and Access Management, but we have on the roadmap integration with Dell One, Ping Identity and CyberArk solutions.

UiPath does not send data outside customer's network. However, it is the robot developer's responsibility to not explicitly send sensitive information to the server (using Write Text or Log Message activities) and to not send information outside customer's network using the "Send email" functionality in UiPath.