Security

We’re serious about protecting health data

We’re committed to keeping health information and sensitive data safe using industry best practices and following all federal and state laws.

Request audit reports
Photograph of an older woman reviewing some paperwork at a kitchen table.
Policies & procedures

We know what data we have, who’s using it for which purpose, and we verify that constantly.

Access control

Our systems are designed with least privilege in mind and role based access to control permission creep.

Contingency & disaster recovery

We have architected our systems for high availability and high resiliency against threats, but can quickly enact our contingency and disaster recovery operations to ensure our customers can use our platform when they need to.

Industry compliance

Our platform is HITRUST r2, PCI DSS v4.0, SP ROC certified, and our organization is SOC 2, CMS, HIPAA, and federally compliant.

Employee Awareness

Our people are trained at hire, annually, and throughout the year with simulated testing and attacks to enforce a employee hardened approach.

Auditing

Our system continuously monitors for threats and alerts our security team of any threat identified to ensure a quick and efficient response.

Automation

From our systems to our environmental events, SunFire has built it’s platform with automation, high resiliency, and threat awareness in mind.

Certifications

AICPA SOC logo

SOC 2®

AICPA SOC logo

SOC 3®

PCI DSS v4.0 Certified

PCI DSS v4.0

HITRUST Certified badge

v9.3

HIPAA logo

HIPAA

A-Lign logo

Pen Test

Looking for more detail?

Contact our Security Team