Your data’s security is of the utmost importance to us. We employ best practices and best-of-breed standards to guarantee that your sensitive data remains protected and only accessible by authorized persons for authorized uses.

Security Practices and Standards We Use

At Truve, we believe that data security is a fundamental aspect of our legal technology platform. To ensure the confidentiality, integrity, and availability of customer data, we have implemented various security measures, including:


Data Encryption

We use industry-standard encryption algorithms to protect customer data both in transit and at rest. We also implement key management and rotation policies to ensure that encryption keys remain secure.


AWS Native

Truve is built entirely on the Amazon Web Services (AWS) platform, which provides security and stability through the largest cloud environment. AWS is trusted by 1.4 million companies around the world, including some of the biggest names in digital services. Our AWS servers are hosted in the US, and we leverage AWS’s extensive security features to protect customer data.


HIPAA Compliance

Truve is committed to protecting the privacy and security of Personal Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). We have implemented technical, administrative, and physical safeguards to protect PHI, along with the ability to audit data to demonstrate privacy and compliance.


Role-Based Access Control (RBAC)

Truve employs RBAC, ensuring only authorized individuals have access to customer data, and only for a very-defined time period. We define roles and permissions based on job responsibilities and implement policies to ensure that access is granted on a need-to-know basis. These measures are controllable by end users, and they are employed by our own operations on the back-end for the protection of our customers.


SOC 2 Type II Compliance

Truve is currently undergoing a SOC 2 Type II audit, which measures the effectiveness of our internal controls in five Trust Services Categories: Security, Availability, Processing Integrity, Confidentiality, and Privacy.


ISO/IEC 27001

Truve is on the path towards implementing ISO/IEC 27001, a widely recognized standard that provides requirements for a robust information security management system (ISMS).


Information Security Committee

The Truve operations team has established an Information Security Committee, with cross-functional executive representation that meets regularly. The Committee provides governance, risk, and compliance (GRC) oversight as part of our enterprise risk management program.


Continuous Audits & Process Improvement

Truve is continuously working to improve our security posture. We conduct regular risk assessments, audits, privacy impact analysis, penetration testing, vulnerability scans, and other security best practices to identify and mitigate security risks.


Your Trust in Us Matters, Which Is Why We Take Every Possible Measure to Protect Your Data

In summary, Truve takes a comprehensive approach to data security and employs various measures to ensure that customer data is protected. We believe that this approach is fundamental to our mission of delivering a best-in-class legal technology platform.


Spend more time analyzing data and less time collecting it

Start the conversation to learn more about Truve's revolutionary technology.

Request a demo