Phases Trust Center
At Phases, security is central to everything we do. We treat the data entrusted to us, whether from our customers, their end users, or anyone who interacts with our company, with the utmost care and responsibility.
Compliance
Resources
SOC 2 Type II Report
HIPAA Internal Privacy Policy
Personnel Security Policy
Acceptable Use Policy
Information Security Policy
Controls
ePHI policy accessibility evidence
User list with assigned roles and privileges
Remote access tool
VPN access
Access restricted to modify infrastructure
ePHI privacy and security awareness training
Privacy and confidentiality governance charter
Encryption of data
Backup and recovery policy
Database restorations
Penetration testing
Source code tool
Web application firewall
Vulnerability assessments policy
Vulnerability scanning
SSL/TLS certificates for infrastructure
Network diagram
Monitoring tool
Infrastructure baseline hardening policy
Infrastructure firewall
Alerts and remediation
Breach notification communication
Security incident list
Incident response and breach notification policy
Whistleblower policy
Log management tool
Vendor management program
Vendor onboarding
Vendor list
Vendor termination
ePHI risk assessment report
List of active employees & contractors as on date
Security awareness training implemented
List of newly hired employees & contractors
Media disposal training
Employee handbook
Asset register maintaining
Multi-availability zones
Risk and Governance Executive Committee meeting minutes
Risk management program
Information security policies and procedures
Patch management
Antivirus and malware configurations
Mobile device management tool configurations
Mobile device management tool