At Improvado, we take data privacy and security seriously and make it a priority to embed it in every aspect of our business. Our commitment to safeguarding your information is reflected in our adherence to various frameworks, regulations, and certifications, which are detailed on this page. For more comprehensive information on our security and compliance practices or if you have specific questions or requests regarding our security measures, please don't hesitate to reach out to our security team at security@improvado.io.
At Improvado, we value the security of our products and services and are committed to providing a safe and secure experience for our customers. We encourage responsible disclosure of any security vulnerabilities that may be identified in our systems, products, or services. If you discover a security issue, please report it to us promptly so we can take the necessary steps to address it. We also offer a bug bounty program to reward individuals who identify and report qualifying security vulnerabilities to us. For more information on our responsible disclosure program, please refer to the Improvado Responsible Disclosure Policy or contact our security team at security@improvado.io.
We’ve updated our terms, please review them carefully. These updated terms will not apply to existing Customers who purchased the Service prior to June 28 or those who have executed negotiated terms with Improvado.
Effective Date: June 8, 2023
We are pleased to announce that we have completed our first SOC 2 Type II audit with no findings. This major milestone reflects Improvado’s commitment to protecting our customers’ data by implementing rigorous, enterprise-level security measures.
The audit, performed by BARR Advisory, reviewed Improvado’s controls related to security, availability, and confidentiality based on the Trust Services Criteria (TSC) of the American Institute of Certified Public Accountants (AICPA).
We understand the importance of transparency in building trust with our customers. Therefore, the SOC 2 Type II report will be made available to our current and prospective customers upon request, subject to the appropriate non-disclosure agreements.
Rest assured, we are committed to safeguarding your data and ensuring the security and integrity of our systems.
At Improvado, we recognize the importance of compliance with the Health Insurance Portability and Accountability Act (HIPAA) and protecting healthcare information (PHI). We are proud to offer Business Associate Agreements (BAAs) to our customers who require HIPAA compliance. We take our responsibility as a Business Associate seriously and have implemented robust security measures and processes to ensure the confidentiality, integrity, and availability of protected health information (PHI).
As part of our commitment to HIPAA compliance, we will sign a BAA with our customers, outlining our roles and responsibilities in protecting PHI. This includes implementing appropriate administrative, physical, and technical safeguards to protect PHI and reporting any breaches or security incidents in a timely manner. We understand the sensitive nature of healthcare information, and we are committed to maintaining the highest standards of privacy and security. By signing a BAA with us, our customers can trust that their PHI is being handled with the utmost care and in compliance with HIPAA regulations.
We acknowledge the importance of privacy and data protection regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) and are committed to complying with these regulations and protecting the privacy of our customers' personal data.
We have implemented robust security measures and processes to ensure the confidentiality, integrity, and availability of personal data. We also provide our customers with transparency and control over their personal data, including the ability to access, rectify, and delete their data.
As part of our commitment to GDPR and CCPA compliance, we have appointed a Data Protection Officer (DPO) to ensure that our processes and procedures align with these regulations. Our DPO is available to answer any questions or concerns related to data protection and privacy. Please don't hesitate to reach out to our DPO at dpo@improvado.io.
At our company, we believe in the importance of trust and transparency with our customers. We are committed to maintaining the highest standards of privacy and security to protect our customers' personal data. By choosing to work with us, our customers can trust that their data is being handled with care and in compliance with GDPR and CCPA regulations.