Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to Nox Trust Center. Nox provides transparency into our robust security practices, regulatory compliance certifications, and data processing procedures applicable to all our services - Sleep Diagnostic Solutions, Sleep Care Management, and Prescription Digital Therapeutics. Nox is dedicated to safeguarding your information and maintaining the highest standards of data protection, exceeding industry requirements and adhering to regulations.

Compliance

HITRUST Logo
HITRUST
ISO/IEC 27001 Logo
ISO/IEC 27001
SOC 1 Type 2 Logo
SOC 1 Type 2
SOC 2 Type 2 Logo
SOC 2 Type 2
ISO 13485:2016 Logo
ISO 13485:2016
MDSAP Logo
MDSAP
EC Certificate - FQAS Logo
EC Certificate - FQAS

Documents

COMPLIANCEISO/IEC 27001
COMPLIANCEHITRUST
COMPLIANCESOC 2 Type 2
COMPLIANCESOC 1 Type 2
SELF-ASSESSMENTSCAIQ
MEDICAL DEVICE COMPLIANCEMDSAP
MEDICAL DEVICE COMPLIANCEEC Certificate
MEDICAL DEVICE COMPLIANCEISO 13485
MEDICAL DEVICE COMPLIANCESBOM - Noxturnal
AIAI Governance
POLICIESInformation Security Policy
POLICIESData Classification Policy

Medical Device Compliance

EC Certificate
ISO 13485
MDSAP
View more

Legal

Cyber Insurance
Privacy Policy
Data Subject Requests
View more

Data Security

Data Backups
Access Monitoring
Encryption-at-rest
View more

Access Control

Logging
Least Privilege
Password Security
View more

Product Security

Audit Logging
Data Security
Role-Based Access Control
View more

App Security

Software Development Lifecycle
Application Penetration Testing
Code Analysis
View more

BC/DR

Business Continuity Plan (BCP)
Contingency Plan Testing/Lessons Learned

Incident Response

Designated Response Personnel
Incident Reporting Process
Security Operations Center (SOC)

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Risk Management

Risk Assessments
Supply Chain Risk Management

Risk Profile

HostingMajor Cloud Provider
Recovery Time Objective24-48 hours
Recovery Point Objective24-48 hours
View more

Training

Security Awareness Training
Secure Development Training
Phishing Training
View more

Reports

Data Flow Diagram (DFD)
Security Whitepaper

Self-Assessments

CAIQ

AI

AI Governance
AI Monitoring
AI Training Data and Bias
View more

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Data Privacy

Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.

Infrastructure

We take great care to work with best-in-class infrastructure providers that provide secure computing and storage. We are happy to provide more details about our infrastructure upon request.

Endpoint Security

We follow industry best practices for endpoint security. We are happy to provide more details about our endpoint security practices upon request.

Network Security

We protect our corporate network against external & internal threats.

Corporate Security

We implement internal measures and practices to maintain a high standard of security.

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Continuous Monitoring

We continuously monitor our systems for security threats and vulnerabilities. We are happy to provide more details about our continuous monitoring practices upon request.

Subprocessors

Trust Center Updates

New Compliance Documentation Now Available

Copy link
Compliance

Nox recently completed our annual 3rd party security and compliance audits, and renewed the following certifications:
ISO 27001
HITRUST
SOC 2 Type II
SOC 1 Type II
Our customers can access updated documents in the Compliance section on our Trust Center.

Built onSafeBase by Drata Logo