Compliance is fundamental for the real-world application of today’s technology solutions, including Zoom Phone. Our cloud phone solution is secure and conforms to the requirements of the following laws, standards, and certifications:
Ray Baum’s Act and Kari’s Law: Zoom Phone supports nomadic E911 services for its users without the need for third-party solutions. Zoom Phone users can be compliant with the U.S.-based mandates for Kari’s Law and Ray Baum’s Act with the proper configurations of existing emergency features, which are outlined in depth in our guide.
Certifications, attestations, and standards attained by the Zoom platform: Zoom Phone is included in a variety of certifications, attestations, and standards that apply to the entire Zoom platform. These include SOC 2 Type II, Cyber Essentials certification – NCSC, CSA STAR Assessment (Level 2), and many more, all of which can be found here.
STIR/SHAKEN: As part of the STIR/SHAKEN authentication standards required by the FCC, Zoom Phone will show “caller verified” check marks on incoming calls to users so they can help identify potential robocalls and spam calls. A check mark icon appears if the carrier has authenticated the calling party and they are authorized to use the calling number. The check mark icon appears in the call log and inbound call notifications (shown in the Zoom client and application) for several inbound call scenarios. More details can be found here.
Recording compliance: Zoom Phone’s automatic call recording feature can be configured for users and call queues that need to record all interactions. There are configurable data retention periods and configurable data storage location options for collaboration contents that enable customers to define where (regionally) data is stored at rest. We’ve even created a recordings admin role to help customers manage who can access certain recordings, and we have a robust set of APIs designed to enable customers to manage their recordings.