Data Security, Privacy, and Compliance
³ÉÈËVRÊÓƵ Trust Center
Security commitment
At ³ÉÈËVRÊÓƵ, security isn't just a feature; it's the foundation of our promise to our customers
³ÉÈËVRÊÓƵ (TSX/Nasdaq: TRI) informs the way forward by bringing together the trusted content and technology that professionals and organizations need to make the right decisions. Our company serves customers across legal professionals, tax and accounting, risk, fraud and compliance, government, and media, and we continue to work toward improving our cybersecurity posture.
We are proud to announce that ³ÉÈËVRÊÓƵ has achieved FedRAMP® authorization for Westlaw, Practical Law, and CLEAR. Additionally, we are still invested in securing FedRAMP agency authorization for our CoCounsel product.
This milestone reflects our unwavering commitment to meeting the highest standards of cloud security and compliance required by U.S. federal agencies. By harmonizing our operations with FedRAMP's detailed protocol for security evaluation, approval, and ongoing oversight, we're taking a proactive approach to address the complexities of the current digital environment. 
Information security
³ÉÈËVRÊÓƵ maintains its reputation for providing reliable and trustworthy information through a variety of means, including a comprehensive information security management framework supported by a wide range of security policies, standards, and practices.
Product security
Product security and compliance are a top priority in ³ÉÈËVRÊÓƵ offerings. Use our Product Profile links (below) to access product-specific resources such as (but not limited to):
- SOC reports and bridge letters
- Certificates or attestations
- Security questionnaires — for example, SIG and CAIQ
- White papers
For product specific security requirements, get in touch with your ³ÉÈËVRÊÓƵ account representative or contact us for further assistance.
Click the links below to preview the product security profiles
Please note: accessing and downloading profile artifacts requires an account.
³ÉÈËVRÊÓƵ SECURE Framework
Expanding upon the NIST Cybersecurity Framework (CSF), ³ÉÈËVRÊÓƵ centers its efforts on six fundamental pillars to effectively mitigate cyber risks for both the company and its customers.
Safeguard devices, identities, and business applications.
Establish baseline practices and standards to maintain secure networks, systems, and hosting environments.
Deliver secure-by-design products that protect processes and customer data.
Meet the online security expectations of customers, regulators, and stakeholders.
Rapidly detect and mitigate risks to ³ÉÈËVRÊÓƵ estate.
Protect and mitigate cyber-risks.
Data Privacy
³ÉÈËVRÊÓƵ places a high priority on meeting our customers’ privacy expectations. We are constantly monitoring legislative developments and incorporating changes into our privacy framework to meet these expectations.
To learn more about our collection and use of personal information, please visit our Privacy Statement.
Compliance
³ÉÈËVRÊÓƵ compliance practices are aligned with regulatory requirements and industry standards to help protect our data's confidentiality, integrity, and availability and promote the reduction of business and technology risk.
Our products maintain individual compliance attestations and self-assessments, some of which are listed below. For product specific compliance requirements, consult the product security section, get in touch with your ³ÉÈËVRÊÓƵ representative or contact us for further assistance.
Contact and support information
Our Vulnerability and Disclosure Program is powered by the HackerOne platform.
Our procurement guide answers several frequently asked questions from customer.
For any questions regarding our solutions and services, our customer service representatives are here to help.
Already a customer? Log in to access your account and recent work.
AI @ ³ÉÈËVRÊÓƵ
³ÉÈËVRÊÓƵ and Generative AI — defining a new era for how legal and tax professionals work