ProntoForms has successfully completed audits against the Service Organization Control (SOC 2 Type II), the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the Health Information Technology for Economic and Clinical Health Act (HITECH), and has received Title 21 CFR Part 11 Compliance attestation for electronic records and signatures. Auditor attestations are available upon request.
We know that it is important for customers to be able to access their data anytime, anywhere. ProntoForms is proud to maintain the availability of its services above 99.9%. We implement safeguards to quickly and securely address any system performance or availability issues. Our team of on-call support staff responds to and resolve incidents as soon as they are identified. We regularly practice our incident response and disaster recovery plans to stay ahead of security threats and maintain the availability of customer data.
The ProntoForms solution is designed with security in mind. All customer data flowing through the system is encrypted using industry standard TLS 1.2 or higher in transit and AES 256 at rest. Our developers are trained regularly in secure coding practices. All code undergoes rigorous peer reviews and is scanned for vulnerabilities prior to each release. We are continually monitoring our application and our environment so that we are quick to notice if anything goes awry. ProntoForms regularly engages third parties to perform penetration testing, and promptly resolves any issues that are identified.
ProntoForms provides many security features which make it easy for customers to manage access to their data. Customers can choose to store their data on ProntoForms' servers or send the data to a preferred destination. ProntoForms is compatible with many Enterprise Mobility Management (EMM) and Single Sign-On (SSO) solutions and provides customers with the ability to set password complexity policies for their users. All passwords are hashed and salted to ensure that no one can gain unauthorized access to them.
The whole team at ProntoForms is engaged in maintaining security, right from the day they start. Before hiring, a background check is performed for every member of the ProntoForms Team. On the first day of work and every month thereafter, team members complete training to help them identify and prevent threats to the security of our business and your data. Employees are granted access to ProntoForms systems based on the principle of least privilege, and these systems are carefully monitored to keep our customers' data secure.
Frequently asked questions
We conduct ongoing compliance audits, penetration testing, and automated security scans. We offer 24/7 service operations and employ dedicated incident management teams.
It is your responsibility to ensure you have an adequate compliance program, internal processes, and that your use of ProntoForms services aligns with HIPAA and the HITECH Act. Use of ProntoForms contributes to HIPAA compliance, but does not guarantee it.
We test the reliability of our disaster recovery strategy every quarter.
- Data Pass-Through
- Enterprise Mobility Management and Mobile Device Management
- End-to-End Data Encryption
- Single Sign On
- User Policy Management
- Authentication Management
Have questions about data security? Ask our experts.
We're always happy to answer any questions or concerns you might have around security.
Please use the form below to get in touch with our security team.