ZenoXCare — marketing
Loading conformity matrix…
Live · Generated from registries
One row per regulatory framework ZenoXCare maps controls against. For every framework you see the standards we declare alignment to and the third-party certifications that satisfy it — with status pulled live from the registry. No marketing copy. No outdated PDFs.
Frameworks tracked
49
With declared standard
26
With certification path
7
Active or in progress
1
Family
Foundational information-security management and assurance frameworks.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| SOC1 |
|
| Planned |
| SOC2 |
|
| Audit in progress |
| ISO_27001 |
|
| Planned |
| ISO_27701 |
|
| Planned |
| ISO_22301 |
| Alignment only · no third-party attestation in scope | Standard alignment |
| NEN_7510 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| HITRUST | No standard yet declared |
| Not pursued |
| NIS2 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| OWASP_ASVS |
| Alignment only · no third-party attestation in scope | Standard alignment |
Family
Card and account-to-account payment frameworks governing settlement and customer data.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| PSD3 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| PCI_DSS_V4 |
|
| Planned |
Family
Frameworks governing the responsible design, deployment, and oversight of AI systems.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| AI_ACT | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| CO_SB_24_205 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| AB_3030 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| ISO_42001 |
| Alignment only · no third-party attestation in scope | Standard alignment |
| NIST_AI_RMF |
| Alignment only · no third-party attestation in scope | Standard alignment |
| WHO_AI_ETHICS_HEALTH |
| Alignment only · no third-party attestation in scope | Standard alignment |
Family
Cross-cutting privacy regimes that apply to most jurisdictions or member subsets.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| GDPR | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| CCPA | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| TX_HSC_181 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| WA_MHMDA | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
Family
Continental and regional bloc instruments harmonising data, privacy, and digital trade.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| MALABO_CONVENTION |
| Alignment only · no third-party attestation in scope | Standard alignment |
| AU_DATA_POLICY_FRAMEWORK |
| Alignment only · no third-party attestation in scope | Standard alignment |
| ECOWAS_DATA_PROTECTION |
| Alignment only · no third-party attestation in scope | Standard alignment |
| SADC_MODEL_LAW | Alignment only · no third-party attestation in scope | Standard alignment | |
| AFCFTA_DIGITAL_TRADE | Alignment only · no third-party attestation in scope | Standard alignment |
Family
Active national healthcare and data-protection statutes across our African rollout waves.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| NHIA_GH | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| NDPA_GH |
| Planned | |
| NDPR_NG |
| Alignment only · no third-party attestation in scope | Standard alignment |
| ODPC_KE | Alignment only · no third-party attestation in scope | Standard alignment | |
| NDPA_RW | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| POPIA_ZA |
| Alignment only · no third-party attestation in scope | Standard alignment |
Family
Open standards for clinical data exchange and shared terminology.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| HL7_FHIR |
| Alignment only · no third-party attestation in scope | Standard alignment |
| SNOMED_CT |
| Alignment only · no third-party attestation in scope | Standard alignment |
| ICD_11 |
| Alignment only · no third-party attestation in scope | Standard alignment |
Family
Globally-recognised health-sector security, quality, and digital-health frameworks.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| ISO_27799 |
| Alignment only · no third-party attestation in scope | Standard alignment |
| ISO_13485 |
| Alignment only · no third-party attestation in scope | Standard alignment |
| IMDRF_SAMD |
| Alignment only · no third-party attestation in scope | Standard alignment |
| WHO_SMART_GUIDELINES |
| Alignment only · no third-party attestation in scope | Standard alignment |
Family
European Union healthcare statutes including the European Health Data Space and Medical Devices Regulation.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| EHDS | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| MDR | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| IVDR | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
Family
United States healthcare statutes and CMS rules. Reserved for US expansion.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| HIPAA | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| HITECH | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| CFR_42_PART_2 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| SECTION_1557 | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| NO_SURPRISES_ACT | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
| CMS_0057_F | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
Family
United Kingdom Digital Technology Assessment Criteria and related sector standards.
| Framework | Aligned standards | Certification path | Best status |
|---|---|---|---|
| DTAC_UK | No standard yet declared | Alignment only · no third-party attestation in scope | Alignment only |
lib/regulatory/framework-ids.ts, lib/compliance/standards.ts, and lib/compliance/certifications.ts.verify:certifications-registry refuses to ship if an ACTIVE certification lacks a signed evidence artifact on file.