Security, privacy, and compliance are foundational to how we build and operate IntakePro. We protect sensitive claims data with enterprise-grade controls at every layer.
Security practices aligned with SOC 2 Trust Services Criteria for security, availability, and confidentiality.
Information security management system aligned with ISO 27001:2022 requirements.
Full compliance with Canada's Personal Information Protection and Electronic Documents Act.
Our security controls are designed to meet the requirements of enterprise customers handling sensitive data.
Reliability, resilience, and transparency are central to our operational practices.
Built on managed cloud infrastructure designed for high availability, with health monitoring and automated alerting for service disruptions.
Defined incident response procedures with automated anomaly detection, alerting to on-call personnel, and structured investigation and remediation processes.
Managed cloud infrastructure with provider-level redundancy and backup capabilities. Audit logs archived to cloud storage for long-term retention.
Continuous application monitoring, daily automated audit log review, and configurable anomaly detection thresholds with multi-channel alerting.
Data processed through managed cloud providers that may operate across multiple regions. Audit archives may be stored in Canadian cloud regions where configured.
Subprocessors subject to appropriate contractual obligations. Subprocessor list maintained and available to customers upon request.
Detailed security and compliance materials are available to verified organizations. Access includes our security whitepaper, subprocessor list, DPA, and additional security documentation.
Requests are verified and reviewed by our security team. Typically processed within 1-2 business days.
Request AccessTo report a security vulnerability, request compliance documentation, or ask security-related questions, contact our security team directly.