Security program
Built for regulated healthcare data
Our security program is designed to protect sensitive healthcare data across ingestion, transformation, storage, and downstream access.
Encryption by default
Data is protected in transit with TLS 1.3 and encrypted at rest with AES-256.
Controlled access
Access is granted on a least-privilege basis with role-based permissions and multi-factor authentication.
Traceability and oversight
Logging, audit trails, and data lineage controls help support accountability and review.
Compliance & governance
Aligned to healthcare and enterprise expectations
Valiance Health maintains a security and compliance program structured to support regulated healthcare use cases and enterprise diligence requirements.
Compliance posture
- SOC 2 Type II audited controls
- HIPAA-aligned administrative, technical, and physical safeguards
- BAAs available where applicable
- PDPA Malaysia data protection alignment
Governance practices
- Security policies and procedures
- Access review and personnel controls
- Security awareness training
- Incident response and continuity planning
Infrastructure
Secure by architecture
Our platform is designed to support secure handling of healthcare data across regional deployments and tenant-separated environments.
- Hosted on AWS
- Regional infrastructure to support data residency requirements
- Tenant isolation between customer environments
- Controlled production access
- Backup and recovery procedures
- Versioned systems and operational traceability
Operational security
Continuously maintained and reviewed
Independent security assessments
Security controls are reviewed through external audits and supporting assurance activities.
Vulnerability management
We identify, prioritize, and remediate security issues through an ongoing review process.
Security training
Personnel receive regular training on security awareness and sensitive data handling.
Incident readiness
Documented response processes support containment, escalation, notification, and post-incident review.
Need documentation for review?
For detailed documentation, policy materials, control summaries, and subprocessor information, visit our Trust Center.
Go to Trust CenterSecurity questionnaires, documentation requests, and diligence follow-up can be routed through our security team.
Contact
Security questions?
For security reviews, documentation requests, or responsible disclosure inquiries, contact the Valiance Health security team.