Florence Security Controls
At Florence Healthcare, our customers trust us with protecting their data, and security is of the utmost importance in everything we do. We have implemented a comprehensive set of security controls to ensure that your sensitive information is protected at all times. Below, you’ll find an overview of the key measures we have in place to safeguard your data.
Third party SOC 2 attestation performed annually. SOC 2 Type II Report available upon request. Fill out this form to request and sign our NDA in order to gain access.
We maintain a robust library of security policies and procedures which formalize and govern Florence security practices.
We conduct annual security testing and assessments to identify and address potential security risks and areas of improvement. These include:
Application:
- Third-party web application penetration tests
- Static Application Security Testing (SAST)
- Dynamic Application Testing (DAST)
Network:
- Vulnerability scanning and patching
- Third-party network penetration tests
Resiliency:
- Disaster Recovery testing
- Backup Restoration testing
- Incident Response testing
All data transmitted between your browser and our servers is encrypted using industry-standard encryption protocols such as TLS 1.2 for data in transit and AES-256 for data at rest.
All customer data is hosted by Amazon Web Services, where redundancy and load balancing are utilized to ensure we are providing customers with the highest levels of application performance and availability.
We implement strict access control measures to ensure that only authorized personnel can access sensitive data. These measures include:
- Role-based access controls (RBAC)
- Principle of Least Privilege
- Separation of Duties
- Regular access audits and reviews
Florence utilizes robust security monitoring and alerting capabilities along with formalized incident response procedures. This ensures we are able to respond quickly and effectively to security incidents.
Contact Us
If you have any questions or concerns about our security practices, please do not hesitate to contact us at privacy@florencehc.com. Your trust is important to us, and we are committed to protecting your information.