Salesforce

Self-hostedVerified May 2026
compliance.salesforce.com
Trust Center
salesforce.com
Website

Salesforce Compliance & Certifications

SOC 2SOC 3ISO 27001ISO 27017ISO 27018ISO 27701ISO 42001HIPAAHITRUSTFedRAMPPCI DSSGDPRCSA STARNISTTX-RAMP

Frequently Asked Questions

Does Salesforce have SOC 2?

Yes. Salesforce holds SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, ISO 42001, HIPAA, HITRUST, FedRAMP, PCI DSS, GDPR, CSA STAR, NIST, TX-RAMP certifications. You can view their trust center at compliance.salesforce.com for full security and compliance documentation.

Where can I find Salesforce's security documentation?

Salesforce publishes their trust center at compliance.salesforce.com. It includes security policies, compliance certifications (SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, ISO 42001, HIPAA, HITRUST, FedRAMP, PCI DSS, GDPR, CSA STAR, NIST, TX-RAMP), and other documentation.

Does Salesforce have ISO 27001 certification?

Yes, Salesforce is ISO 27001 certified. This international standard confirms they have implemented a comprehensive information security management system (ISMS).

Is Salesforce HIPAA compliant?

Yes, Salesforce is HIPAA compliant and can support healthcare organizations that handle protected health information (PHI).

More on Self-hosted

37 companies use Self-hosted on TrustLists
AgentnoonAirtableAmazon Web ServicesCloudflareDocuSignDojah IncGitHubGoogle Workspace