Data Encryption: When you use our application via a browser or mobile app, we employ Transport Layer Security (TLS) to safeguard your information with server authentication and encryption. All data entered into Vault Platform is protected using Advanced Encryption Standard (AES-256) and a unique encryption key. Until reports are submitted, no one, including Vault, can access the information. Once a report is submitted, only assigned case managers can securely access the data. Access to Vault's infrastructure is highly restricted, monitored, and logged.

Compliance Certifications: Vault Platform is ISO 27001 certified, adhering to industry standards for information security management. We conduct regular security audits, vulnerability scans, external penetration testing, and automated monitoring, and provide security training to our staff. We stay abreast of evolving standards and legislation to ensure compliance with leading industry security requirements.
​

Secure Hosting Infrastructure: Our servers are located within the European Union and the United Kingdom, housed in AWS (Amazon Web Services) data centers with ISO 27001, SOC 1, and SOC 2 certifications. Customer data is redundantly stored in our hosting provider's data centers for reliability. We maintain a robust business continuity program with regular backup and restoration procedures.
​

Application Security: Vault Platform maintains an internal security threat model and conducts external penetration testing regularly to fortify application security. Our engineers undergo regular training in secure coding practices, covering key OWASP security risks, common attacks, and security control best practices. We subject code and configuration changes to thorough reviews and quality assurance testing before deployment to ensure a consistent experience across supported devices and platforms.