Phases Trust Center
At Phases, security is central to everything we do. We treat the data entrusted to us, whether from our customers, their end users, or anyone who interacts with our company, with the utmost care and responsibility.
Compliance
Resources
SOC 2 Type II Report
Breach Notification Policy
Business Continuity and Disaster Recovery
HIPAA Internal Privacy Policy
Incident Response Policy
Controls
ePHI policy accessibility evidence
Remote access tool
Access restricted to modify infrastructure
Access control procedures
Access review of infrastructure
Encryption of data
Privacy and confidentiality governance charter
ePHI data sanitization
Database backups
ePHI privacy and security awareness training
Source code tool
Vulnerability scanning
Business continuity and disaster recovery testing
Web application firewall
Sample code changes
SSL/TLS certificates for infrastructure
Intrusion detection tool
Infrastructure baseline hardening policy
Monitoring tool
Infrastructure firewall
Security incident list
Alerts and remediation
Breach notification communication
Incident response and breach notification policy
Whistleblower policy
Log management tool
Vendor management program
ePHI risk assessment report
Vendor list
Vendor onboarding
Vendor termination
Media disposal training
New employee and contractor agreements
List of newly hired employees & contractors
List of active employees & contractors as on date
Employee handbook
Asset register maintaining
Multi-availability zones
Risk and Governance Executive Committee meeting minutes
Risk management program
Key management services used
Mobile device management tool configurations
Ticketing tool
Security-related roles
Termination checklist