Security at every step

Protect your data and apps with the latest security measures IBM has to offer.

Data ownership

Watson Assistant gives you control over your data and insights including the ability to adjust what data is shared and recorded across instances.

Data isolation

To meet the additional needs of enterprise organizations, optional data isolation provides a single tenant data store environment that is physically isolated and not shared with any other user accounts.

Data protection

Know that your data is secure with encryption at rest and in transit using the advanced encryption techniques, as well as options for private endpoints and bring your own keys (BYOK).

Security testing and reviews

We support your data’s and app’s protection against vulnerabilities and chatbot security risks by performing internal and external penetration testing, chatbot security testing, and ongoing reviews.

Access control

Choose who in your organization can view and who can edit individual skills, assistants, and entire instances.

Audit trail

Track what updates were made to skills and assistants to better understand critical actions as they happen.

Compliance and certifications

ISO 27001, 27017, and 27018

ISO logo

ISO 27001, 27017, and 27018

Watson Assistant is ISO certified for information cybersecurity and data protection against security threats and hackers to meet the high standards of enterprise organizations.


SOC logo


Watson Assistant on the IBM Cloud is SOC 2 certified.


HIPAA logo


Support is available for organizations using the Watson Assistant Enterprise plan and hosted in IBM Washington, DC and Dallas, TX data centers.

European Union GDPR

GDPR logo

European Union GDPR

IBM provides data privacy, security measures and governance to support GDPR compliance.


PCI Security Standards Council Logo


Watson Assistant meets the Payment Card Industry Data Security Standard (PCI DSS) to ensure that companies can maintain the secure environment required to accept, process, store, or transmit credit card information.

Deployment flexibility and resiliency

Implement your assistant where and how you need, with the ability to change over time.

Enterprise scalability

graph icon

Low, medium, high usage? Not a problem – Watson Assistant grows with your needs and can scale to meet customer demand.

Deploy on-premises

buildings icon

Run your assistant within your environment using IBM Cloud Pak® for Data.

Run on IBM or other public clouds

cloud icon

Accelerate time to value using IBM Cloud. We can run on Amazon, Google, or Microsoft clouds as well.

High availability and disaster recovery

Earth icon

Our global locations have three data centers at minimum 8 miles apart that operate seamlessly to ensure your assistant’s availability.

Multi-zone region availability

globe icon

Watson Assistant is deployed with multi-zone regions to support high availability, minimizing customer disruptions and downtime.

Service level agreement

list icon

Watson Assistant offers up to 99.9% availability based on your desired plan.

Additional resources

Compliance certification

Explore the full list of certifications and compliance support for IBM Cloud.

Data policy

Read about how data is used and logged in Watson Assistant, as well as how we support compliance requirements.

IBM Cloud Pak® for Data

Learn how we deliver Watson Assistant on-premise or on any cloud on IBM Cloud Pak for Data.


Frequently asked questions

Is Watson Assistant secure?

Watson Assistant is ISO certified for information security, chatbot security, and data protection in chatbots to meet the high standards of enterprise organizations.

Does Watson store data?

Most of the Watson services are stateless, which means that Watson does not store client data if a client instructs IBM not to use client data to train the base model. Audits are performed internally, but to protect chatbot security and the chatbot data privacy of our clients, we don't share the processes.

Does chatbot technology use artificial intelligence, machine learning or natural language processing (NLP)?

Watson is built on deep learning, machine learning and natural language processing (NLP) models to elevate customer experiences and help customers change an appointment, track a shipment, or check a balance. Watson also uses machine learning algorithms and asks follow-up questions to better understand customers and pass them off to a human agent when needed.

Try out the enhanced intent detection model. This new model, which is being offered as a beta feature in English-language dialog and actions skills, is faster and more accurate. It combines traditional machine learning, transfer learning and deep learning techniques in a cohesive model that is highly responsive at run time. For more information, see Improved intent recognition.

Does Watson support European Union General Data Protection Regulation (GDPR) compliance?

IBM is committed to providing our clients and partners with innovative data privacy, security and governance solutions to assist them on their journey to GDPR compliance.

Learn more about IBM's own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey here.

Does Watson support Health Insurance Portability and Accountability Act (HIPAA) compliance?

US Health Insurance Portability and Accountability Act (HIPAA) support is available for Enterprise plans that are hosted in the Washington, DC or Dallas locations. For more information, see Enabling EU and HIPAA supported settings.

Do not add personal health information (PHI) to the training data (entities and intents, including user examples) that you create. In particular, be sure to remove any PHI from files that contain real user utterances that you upload to mine for intent or intent user example recommendations.