Access Management
Encryption
Endpoint Security
Network Security
System Monitoring and Alerting
Penetration Testing
Disaster Recovery and Business Continuity Plan
Incident Response Plan
Data Sharing and Processing
Data Retention and Disposal
Third-party Vendor Management
Rupert prioritizes compliance efforts to ensure the requirements of customers and regulators are met.
Rupert maintains compliance with the following standards
SOC 2
Rupert utilizes enterprise-grade best practices to protect our customers’ data, and works with independent experts to verify its security, privacy, and compliance controls, and has achieved SOC 2 Type report against stringent standards.
SOC 2 Report
We work with an independent auditor to maintain a SOC 2 report, which objectively certifies our controls to ensure the continuous security of our customers' data.
Developed by the Assurance Services Executive Committee (ASEC) of the AICPA, the Trust Services Criteria is the set of control criteria to be used when evaluating the suitability of the design and operating effectiveness of controls relevant to the security, availability, or processing integrity of information and systems, or the confidentiality or privacy of the information processed by the systems at an entity, a division, or an operating unit of an entity.
Continuous Security Control Monitoring
Rupert uses Drata’s automation platform to continuously monitor 100+ security controls across the organization. Automated alerts and evidence collection allows Rupert to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Penetration Tests
Rupert works with industry leading security firms to perform annual network and application layer penetration tests.
Secure Software Development
Rupert utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Data Encryption
Data is encrypted both in-transit using TLS and at rest.
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Rupert’s security, please get in touch at support@hirupert.com. Our security team promptly investigates all reported issues.
HIPAA
Rupert utilizes enterprise-grade best practices to protect our customers' sensitive health information, and uses Drata to verify its security, privacy, and HIPAA compliance controls.
About HIPAA
HIPAA is a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.
Drata’s HIPAA product provides an automated approach to ensuring that organizations can demonstrate compliance.
Continuous Security Control Monitoring
Rupert uses Drata’s automation platform to continuously monitor security controls across the organization. Automated alerts and evidence collection allows Rupert to confidently prove its commitment to protecting your sensitive health information any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual HIPAA training program and employ best practices when handling customers' private health information.
Secure Software Development
Rupert utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Data Encryption
Data is encrypted both in-transit using TLS and at rest.
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Ruperts security, please get in touch at support@hirupert.com. Our security team promptly investigates all reported issues.