# Compliance

### Industry compliance and certifications reinforce our operational excellence <a href="#industry-compliance-and-certifications-reinforce-our-operational-excellence" id="industry-compliance-and-certifications-reinforce-our-operational-excellence"></a>

At NTT DATA, we are committed to attaining top-tier industry accreditations in data center and security, providing our valued commercial clients with unwavering confidence in the security of their mission-critical IT systems hosted within our state-of-the-art colocation facilities.

When the time comes for your crucial audits and accreditation procedures, we stand prepared to support you with exclusive facility tours and interviews featuring our team of seasoned experts in IT security and physical security.

Explore our comprehensive list of certifications across various NTT DATA geographies, showcasing our dedication to maintaining the highest standards in the industry.

The certifications and regulations for the NTT DATA Syntphony assets are listed below:

<table data-card-size="large" data-view="cards" data-full-width="false"><thead><tr><th></th><th></th><th data-hidden></th></tr></thead><tbody><tr><td><p><strong>GDPR</strong></p><p>NTT DATA Syntphony assets complies with the General Data Protection Regulation (GDPR), which regulates the processing of personal data of individuals within the European Union (EU). </p></td><td></td><td><p>NTT DATA Syntphony Conversational AI complies with the General Data Protection Regulation (GDPR), which regulates the processing of personal data of individuals within the European Union (EU). We offer features such as data minimization, user consent management, and the right to be forgotten, to help its customers comply with GDPR requirements when using its conversational AI solutions. To GDPR internal assessment, please contact us via the support portal at</p><p><a href="https://shori-public.clonika.com/">Portal support</a>.</p></td></tr><tr><td><p><strong>HIPAA Security Rule</strong></p><p>The HIPAA Security Rule of 2003 requires covered entities to implement or address over 50 administrative, physical, and technical safeguards designed to ensure the confidentiality, availability, and integrity of electronic protected health information (ePHI), including the prevention of unauthorized access to ePHI.</p></td><td></td><td></td></tr><tr><td><p><strong>ISO27001</strong></p><p>ISO 27001 is an international standard outlining best practices for an information security management system (ISMS), which is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization's information risk management processes.</p></td><td></td><td></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://trustcenter.syntphony.com/trust-center/compliance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.