Compliance & Security

Compliance

  • SOC 2 Type II

    • Pulsara has completed a SOC 2 Type II audit for our platform and systems by a third party SOC auditor. Annual audits are completed to maintain our SOC 2 Type II compliance status. 

  • Penetration testing

    • Pulsara performs penetration tests annually to maintain and improve our security posture. The results of the penetration scan and test are integrated with our development process and addressed by level of criticality. 

  • Vulnerability testing

    • Vulnerability scans are performed on a recurring basis. Identified opportunities to improve are addressed by level of criticality by Pulsara's security and development teams. 

  • HIPAA

    • All team members are required to complete and pass HIPAA compliance training during onboarding, and annual refreshers thereafter. Pulsara performs HIPAA best practices with our services and systems, which are regularly assessed via our identified risks and controls management and audit. 

Security

  • Encryption in transit and at rest

    • Pulsara's platform utilizes industry best practice encryption for in-transit and at-rest data.

  • Device storage

    • Pulsara's platform does not permanently store data on mobile devices and data communications are completed using industry best practices encryption standards. 

  • Role-based access

    • Pulsara's platform allows role-based access.

  • Activity logs

    • Pulsara maintains immutable time stamped activity logs that can be accessed by administrators for review.

  • Risks & controls

    • Pulsara performs recurring risk assessments and implements associated controls that are reviewed by independent auditors on an annual basis. 

Shared Security Model

Screenshot 2024-01-22 at 8.48.00 AM

Architecture & Resiliency

  • Load balancing and geographic redundancy

    • Pulsara's systems utilize dynamic load balancing to automatically distribute incoming application traffic across a web server cluster. Additionally, to support system continuity best-practices, our systems leverage multiple geographically separated data centers.

  • No on-premise infrastructure

    • Cloud-based infrastructure, hosted on AWS. 

  • Geography

    • All customer data is encrypted and stored in U.S. based servers.

  • DR & hourly backups

    • Pulsara maintains best practices to ensure our systems are resilient and distributed. Our infrastructure is supported by our Disaster Recovery plan, with environments on standby in the case of a disaster. Pulsara maintains hourly backups of all data. 

Employment

  • Background checks and annual security training

    • All Pulsara team members are required to pass a background check before joining our team. Pulsara also requires passing our security awareness training during onboarding, with security awareness refreshers completed annually. Pulsara integrates changes to our security awareness training as best practices and systems evolve. 

  • All support and services provided in the U.S.

    • Pulsara maintains 100% U.S. based support and services teams for U.S. based customers.

For more information:

If you have additional questions, please contact us at help@pulsara.com.