Security & Compliance

Data Security at SortSpoke

We value your data security as our top priority.

At SortSpoke, safeguarding our customer's data is the foundation of everything we do. We are focused on maintaining the highest industry standards to protect your data.

Enterprise-grade security with SOC 2 Type 2 and HIPAA compliance certifications to protect your sensitive insurance data
End-to-end encryption with TLS 1.2+ for data in transit and AES 256 for data at rest ensuring complete protection
Flexible data residency options with AWS's world-class security infrastructure for regulatory compliance and peace of mind

What Security Measures Does SortSpoke Provide?

Encrypted-in-transit & At-Rest: All customer data is protected by TLS 1.2+ in-transit and by AES 256 encryption at-rest.
Automation Failover & Scaling: SortSpoke provides high-availability, backups, and auto-scaling out-of-the-box.
Data Residency: We can host your data in your desired region to ensure it remains within a specific country.
SOC 2 Type 2 Compliance: SortSpoke maintains Service Organization Control (SOC) 2 Type 2 certification.
HIPAA Compliance: Our platform meets all requirements for healthcare information security and privacy.

SortSpoke is Built for Enterprise

Encrypted-in-transit & At-Rest

All customer data is protected by TLS 1.2+ in-transit and by AES 256 encryption at-rest.

Automation Failover & Scaling

SortSpoke provides high-availability, backups, and auto-scaling out-of-the-box.

Data Residency

We can host your data in your desired region to ensure it remains within a specific country.

SortSpoke Security Certifications

SOC 2 Type 2 Compliance

Our SOC 2 Type 2 certification demonstrates our ongoing commitment to implementing rigorous controls that protect your sensitive data and ensure the highest standards of security, availability, and confidentiality.

HIPAA Compliance

SortSpoke's HIPAA-compliant infrastructure and processes safeguard protected health information throughout the document extraction workflow, enabling healthcare insurers to maintain regulatory compliance while accelerating their underwriting operations.

SOC 2 Type 2

Service Organization Control (SOC) 2 Type 2

Learn more

HIPAA Compliant

AWS - A World Leader in Security

SortSpoke Security Infrastructure Partner

Built for Scale

All SortSpoke instances automatically adjust capacity to maintain the best mix of predictability and optimization for your team.

Security Focused

AWS facilities, networks, and server infrastructures are built and managed by world-class security experts.

Certifications

AWS supports multiple security standards to help satisfy the compliance requirements for many global regulatory agencies.

Learn more

AWS Global Certifications

FAQ

SortSpoke Security FAQs

Your data security is our priority—here are answers to common questions about how we protect your sensitive information.

How does SortSpoke ensure the security of our sensitive insurance data?

We protect your data with enterprise-grade encryption and maintain SOC 2 Type II compliance. Our human-in-the-loop approach adds an additional security layer with comprehensive audit trails tracking every interaction.

What happens to our documents after SortSpoke processes them?

Documents are handled according to your specified retention requirements, with you maintaining complete ownership at all times. You can export or delete your information whenever needed.

How does SortSpoke's AI approach differ from other solutions in terms of security?

Our human-in-the-loop AI keeps underwriters involved in the validation process, making every extraction decision traceable and auditable. SortSpoke works within your existing security perimeter, reducing implementation risks while maintaining compliance.

Do you have a standard security report that we can access?

Yes, we provide a comprehensive security whitepaper and SOC 2 Type II audit report upon request. Contact us today to learn how to get a copy.