Florence Security Controls

At Florence Healthcare, our customers trust us with protecting their data, and security is of the utmost importance in everything we do. We have implemented a comprehensive set of security controls to ensure that your sensitive information is protected at all times. Below, you’ll find an overview of the key measures we have in place to safeguard your data.

  • Florence Security Program

Third party SOC 2 attestation performed annually. SOC 2 Type II Report available upon request. Fill out this form to request and sign our NDA in order to gain access.

We maintain a robust library of security policies and procedures which formalize and govern Florence security practices.

  • Regular Security Audits and Testing

We conduct annual security testing and assessments to identify and address potential security risks and areas of improvement. These include:

Application:

  • Third-party web application penetration tests
  • Static Application Security Testing (SAST)
  • Dynamic Application Testing (DAST)

Network:

  • Vulnerability scanning and patching
  • Third-party network penetration tests

Resiliency:

  • Disaster Recovery testing
  • Backup Restoration testing
  • Incident Response testing
  • Data Protection

All data transmitted between your browser and our servers is encrypted using industry-standard encryption protocols such as TLS 1.2 for data in transit and AES-256 for data at rest.

  • Server Infrastructure

All customer data is hosted by Amazon Web Services, where redundancy and load balancing are utilized to ensure we are providing customers with the highest levels of application performance and availability.

  • Access Control

We implement strict access control measures to ensure that only authorized personnel can access sensitive data. These measures include:

  • Role-based access controls (RBAC)
  • Principle of Least Privilege
  • Separation of Duties
  • Regular access audits and reviews
  • Security Monitoring and Response

Florence utilizes robust security monitoring and alerting capabilities along with formalized incident response procedures. This ensures we are able to respond quickly and effectively to security incidents.

Contact Us

If you have any questions or concerns about our security practices, please do not hesitate to contact us at privacy@florencehc.com. Your trust is important to us, and we are committed to protecting your information.