Altrina Trust Center
At Altrina, security isn't just a feature—it's foundational to everything we build. Our security-first mindset drives our development processes, infrastructure decisions, and organizational policies. We treat the data entrusted to us—whether from our customers, their end users, or anyone who interacts with our organization—with the utmost care and responsibility. Security is embedded in our DNA, enabling us to deliver innovative solutions without compromising on protection.
Compliance
Resources
SOC 2 Type I Report
Information Security Management System Communication Plan Policy
Oversight Committee Charter
Incident Response Policy
Automated individual decision-making, including profiling
Controls
Remote access tool
ePHI policy accessibility evidence
Access restricted to modify infrastructure
Access control procedures
Access review of infrastructure
ePHI data sanitization
Encryption of data
Data disposal policy
Privacy and confidentiality governance charter
Data protection policy
Source code tool
Business continuity and disaster recovery testing
Vulnerability scanning
Web application firewall
Sample code changes
SSL/TLS certificates for infrastructure
Intrusion detection tool
Infrastructure baseline hardening policy
Network diagram
Monitoring, measurement, analysis and evaluation
Security incident list
Alerts and remediation
Incident response and breach notification policy
Breach notification communication
Internal GDPR compliance assessments
Binding corporate rules policy
Whistleblower policy
Rectification request policy
Objection handling policy
Log management tool
ePHI risk assessment report
Vendor management program
Vendor list
Vendor onboarding
Vendor termination
Consent records
Age verification and parental/guardian consent process
Media disposal training
New employee and contractor agreements
Security awareness training implemented
Background checks
List of newly hired employees & contractors
Asset register maintaining
Multi-availability zones
Risk management program
Risk and Governance Executive Committee meeting minutes
Lawful basis assessment
Legitimate interest assessment
Information security policies and procedures
Customers list
Mobile device management tool
Patient status and admission records
Mobile device management tool configurations
Subprocessors
SlackBusiness Apps & Productivity
GitHubCode & Build Security
LinearBusiness Apps & Productivity
DigitalOceanCloud Infrastructure & Platform Services