Security & Compliance
Official records demand more than good software. They demand trust. WhoSaidWhat is built for the security, accountability, and accessibility standards that public institutions are held to.
This page brings together how we protect your records — something you can share directly with your IT, legal, and procurement teams.
Access Control & Accountability
Role-Based Access
Granular permissions control who can view, edit, publish, and export. Administrators, clerks, transcription operators, and content editors each get exactly the access their role requires — no more, no less.
Audit Logs
Every meaningful action is recorded — who did what, and when. Audit trails support accountability, internal review, and the kind of evidence-ready record-keeping that public institutions are expected to maintain.
Unlimited, Controlled Users
Add as many administrators and clerks as you need, each governed by role-based permissions, without per-seat friction.
Deployment & Data Residency
Your Choice of Deployment
Run WhoSaidWhat in a managed private cloud or on-premises within your own environment, depending on your institution's data-handling requirements.
Data Residency Options
For institutions with sovereignty or jurisdictional requirements, deployment can be configured to keep data in-region.
Your Data Stays Yours
Your records are never used to train public models. Scoped knowledge sources mean AI features answer only from your approved content — not from guesswork.
Data Protection
Encryption & Backups
Records are protected in transit and at rest, with automated backup procedures and documented disaster recovery.
Integrity You Can Prove
For long-term archives, fixity checks and provenance logs let you demonstrate that a record is authentic and unchanged over time.
Accessibility & Public-Sector Readiness
Public institutions are increasingly required to meet modern accessibility standards. Who Said What is built with WCAG-aligned patterns — keyboard navigation, screen-reader-friendly interfaces, sufficient contrast, and clear focus states — plus plain-language and multilingual readiness where needed.
Public agencies face rising expectations for accessible digital services. Our platform and public portals are designed to help you meet them.
Built on Recognized Preservation Standards
For institutions that need true long-term archiving, our Digital Preservation service is designed around the OAIS reference model (ISO 14721) — the widely used framework covering ingest, archival storage, data management, and access — with optional mapping to repository-trust expectations such as ISO 16363.
Talk to Us About Your Requirements
Every institution has its own security, residency, and compliance needs. Tell us yours, and we'll walk you through how WhoSaidWhat meets them.