// Trust & Security Report
LexisNexis (RELX Group subsidiary)
Legal AI research, drafting, and analysis tools centered on Protégé™ AI assistant, including Lexis+ with Protégé, Lexis Create+, CaseMap+ AI, Lex Machina, Intelligize+ AI, and enterprise legal solutions
Certifications held
15
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.lexisnexis.com“SOC Type I & II compliance for key products, verified through independent third-party audits”
Verify on trust.lexisnexis.com“SOC 2 Type 1 audit completed for Lexis+ AI solution with continuous monitoring and independent audits”
Verify on trust.lexisnexis.com“ISO/IEC 27001 certified for information security management systems”
Verify on trust.lexisnexis.com“ISO 14001:2015 environmental management certification”
Verify on trust.lexisnexis.com“ISO 22301:2019 business continuity management certification”
Verify on lexisnexis.com“Certified to the EU-U.S. Data Privacy Framework with data protection representatives appointed for EEA and UK”
Verify on trust.lexisnexis.com“HIPAA and HITECH requirements adherence available as attestation for secure download”
Verify on trust.lexisnexis.com“California Consumer Privacy Act compliance measures implemented”
Verify on trust.lexisnexis.com“NIST CSF compliance verified in trust center”
Verify on trust.lexisnexis.com“Web Content Accessibility Guidelines 2.2 Level AA compliance”
> Show 6 unconfirmed / not-held certifications
source: trust.lexisnexis.comNo public evidence of PCI DSS certification on vendor domain
source: trust.lexisnexis.comNo public evidence of ISO 27017 certification on vendor domain
source: trust.lexisnexis.comNo public evidence of ISO 27018 certification on vendor domain
source: trust.lexisnexis.comNo public evidence of ISO 27701 certification on vendor domain
source: trust.lexisnexis.comNo public evidence of ISO 42001 certification; vendor follows RELX Responsible AI Framework instead
source: trust.lexisnexis.comNo public evidence of Cloud Security Alliance STAR certification on vendor domain
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
Multi-region: US, UK, EU (Germany, France, Ireland, Netherlands), Asia-Pacific (Australia, Singapore, Philippines, India), Africa (South Africa, Mauritius). GDPR data subject rights ensured across all regions through legal frameworks and data protection representatives.
LexisNexis explicitly commits that customer data is never used to train AI models. This is stated across multiple product pages. For Canadian customers specifically, prompts and documents are contractually prohibited from being used to train LLMs, and third-party providers are contractually restricted from accessing customer data. Lexis+ with Protégé General AI provides access to external models (OpenAI, Google, Anthropic) but user data is never used to train these external models.
// Security controls
Firewalls and network security
Secure networks, firewalls, data encryption, detailed logging and detection systems
lexisnexis.comThird-party AI model isolation
Microsoft Azure OpenAI monitoring features disabled; monthly verification that neither Microsoft nor OpenAI can access customer data
lexisnexis.comAudit and monitoring
Regular independent third-party audits and continuous compliance monitoring
trust.lexisnexis.comData retention and deletion
Robust data retention and deletion policies with identifiable information removed from AI interactions
lexisnexis.comBreach notification
Committed to notifying customers without undue delay upon discovering a personal data breach
lexisnexis.com// Products & data scope
data: Customer legal documents, research queries, drafting workspace
Primary AI-powered legal research and drafting tool. Combines Protégé AI assistant with LexisNexis legal content. Does not train on customer data.
data: User queries and interactions with external AI models
Provides access to GPT-4o, OpenAI o3, GPT-5, Claude Sonnet 4, Gemini 3 Pro. Customer data never used to train external models.
data: Documents and drafting workspace integrated with Microsoft 365
AI-powered clause suggestions and legal research integration with Microsoft 365
data: Case facts, timelines, evidence management data
Smart fact mapping, timeline visualization, and evidence management with AI insights
data: Court case data, litigation history, strategic patterns
Provides strategic insights using case analytics to help lawyers develop litigation strategies
data: Securities filings, transactional documents, clause data
Focuses on securities and transactional document research with clause comparison features
data: Spend management, matter tracking, vendor data
Enterprise legal operations platform for spend management, matter tracking, and vendor optimization
data: Company research, market data, business intelligence
Business intelligence platform for market research and company analysis
data: Tax research queries, guidance requests
Tax research platform with AI-generated summaries and guidance
data: Custom integrations and internal LLM development
API for custom integrations and internal language model development
// At a glance
Pricing model
Subscription-based (annual/multi-year). Specific pricing varies by product (Lexis+, Protégé, enterprise solutions). Free trials available for Lexis+ with Protégé.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on LexisNexis (RELX Group subsidiary)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.lexisnexis.com