TrueContext Security Practices
Grounded in secure software development ensuring product and customer data security and privacy
Data is critical to modern field service, with many organizations dealing with sensitive information. As we enable businesses to automate their operations, our priority is to keep your data safe by building security right into the TrueContext platform.
We achieve software assurance by using industry standards and technologies:
- Our security solutions help customers manage their security requirements across their environments.
- Data management and resilience are fully supported through the platform.
- The risk of security vulnerabilities is managed through comprehensive policies and practices.
In step with your compliance requirements
Enterprises often deal with sensitive customer data with specific policies set by industry regulators. TrueContext maintains third-party audit attestations supporting customer regulatory compliance requirements.
HIPAA
TrueContext is verified for the HIPAA Security Rule and HITECH Act to ensure all electronic health information is protected.
SOC 2 Type II
Certified since 2018, our SOC 2 Type II scope covers three trust service principles – Security, Availability, and Confidentiality.
FDA
A Title 21 CFR Part 11 seal guarantees the validity, security, and audit visibility of electronic records and electronic signatures.
We are constantly striving to maintain and improve our security program. TrueContext subscribes to news and updates from industry leaders in security and vulnerability management, which allows us to stay ahead of any risks. Furthermore, we undergo regular audits to verify our security and privacy practices and operations.
Report Accessibility
Current compliance and attestation reports are available to customers and prospects under NDA. Please complete the form below or engage your account team to submit a request.
Infrastructure security and resilience
Trust that your data is not just secure but also available whenever you need it with our multilayer security defense strategy. Coupled with incident response and disaster recovery plans, as well as a team of on-call support staff ready to execute them, this approach enables us to deliver 99.9% uptime.
Application security by design
- Secure coding practices, including vulnerability and third-party penetration testing
- Data encrypted using TLS 1.2 or higher in transit and AES-256 at rest
Network security
- Customer-directed data management – store information on our servers or yours
- Incident response and disaster recovery
- Improves upon security features of public stores such as Apple, Google, and Microsoft
Identity and access management
- Secure global collaboration through identity and access management (SSO)
- Custom password complexity policies
Internal security
We combine enterprise-grade encryption technology with rigorous internal processes for secure data handling.
- Background checks on all TrueContext staff
- Mandatory monthly security awareness training for all team members
- Employees receive access to customer data based on the least-privilege principle
Third-party compliance
Our longstanding audited compliance program gives you peace of mind in selecting a new product for your tech stack.
- Attestations readily available to support your annual vendor audits
- SOC 2 Type II
- HIPAA and FDA Title 21 Part 11 third-party auditor attestations for highly regulated industries such as healthcare
Our privacy program complies with global privacy laws, including the EU’s General Data Protection Regulation (GDPR) and the UK GDPR.
Our Privacy Policy governs how we collect, use, and manage your personal information while providing our services to you.
Its integration with our CRM tools in our offices makes it very easy to keep track of all details of our customers. On data security, this tool prevents other unauthorised parties from accessing our sensitive data through data encryption.
MYLAR A.
SYSTEMS MANAGER
This tool is highly secure and easy to scale. I like how this tool meets compliance requirements by reducing compliance risks/incidence.
Brianna W.
Software Engineer
We can smoothly import and export data thanks to the integrations with software like Salesforce and Dropbox.
Grant B.
Account Director
Frequently Asked Questions
How does TrueContext keep my data secure?
How is my data secured on hosted systems in the cloud?
Is my data also secured on iOS and Android mobile devices?
Can I access TrueContext via single sign-on (SSO)?
Has TrueContext achieved SOC 2 compliance?
What’s the difference between SOC 2 Type II and other compliance certifications (such as ISO)?
Is TrueContext HIPAA Security Rule and HITECH Act compliant?
Can TrueContext’s employees simply view the data in our TrueContext account?
Does TrueContext screen employees prior to hiring?
Do TrueContext employees adhere to secure coding guidelines?
Does TrueContext sign data processing agreements?
Does TrueContext have 24/7 security incident management capabilities?
Does TrueContext have a disaster recovery strategy?
What steps has TrueContext taken to proactively mitigate Distributed Denial of Service (DDoS) attacks and other malicious attacks?
Does TrueContext offer any specific technology for customers who provide regulated services, such as those in the medical field?