SECURITY

Thrio security certifications

 

Protecting your most important assets

Ensuring your data remains safe and secure

At Thrio, security and privacy are a key focus. So, we’ve implemented a wide array of controls and safeguards in our code and processes to protect customer data and support enterprises in their own compliance efforts.

We’re also a member of the Cloud Security Alliance (CSA). Our infrastructure is hosted and managed within secure cloud providers accredited for ISO27001, SOC 2 Type II and PCI Level 1. Our security teams work tirelessly to ensure that best practices are always followed to keep your data safe.

Below, you can read more about Thrio’s current certifications and attestations, and learn how they can assist your enterprise in compliance activities.

Our certifications

Our certifications

Status:

Awarded After Independent Audit

Covered Topics:

Health Data | HIPAA Security Rule

HITRUST Common Security Framework supports enterprises in their compliance efforts related to health care data. The HITRUST CSF is the set of standards required for HIPAA compliance.

Status: 
Awarded After Independent Audit
Covered Topics: 
Payment Card & Information Security

Thrio’s PCI certification may enable an enterprise’s own data protection activities related to payment processing. While many elements of PCI compliance will still rest on an enterprise’s own practices, Thrio’s data storage, firewalls, in-transit encryption, and other information security efforts will assist in achieving and maintaining PCI compliance.

PCI DSS Compliant (Assessed by ControlCase)
Status: 
Awarded After Independent Audit
Covered Topics: 
Protections for Health Data

HIPAA provides data privacy and security provisions for safeguarding medical information. Enterprises using Thrio can be assured that the administrative and technical requirements for software providers have been followed. These include but are not limited to secure data flows, audit trails, and end-to-end encryption. While there is no definitive “HIPAA certification” status, industry best practices encourage third-party audits reviewing both technical and administrative compliance measures.

Status: 
Awarded After Independent Audit
Covered Topics: 
Privacy & Data Security

GDPR compliance assists Thrio customers in their efforts to do business in the European Union. This data protection, privacy, and data security standard is also relevant for enterprises whose data flows through the EU as GDPR covers data exporting out of the European Union.

Status: 
Member
 
Covered Topics: 
Data Security
 

Thrio is a member of the Cloud Security Alliance. Membership in the CSA is voluntary. The organization encourages best practices in security within cloud computing.

 
We use cookies on our website to check that it is working well for you. They help us understand more about our website and how we can make improvements. By accepting cookies, you’re helping us to develop a website that is designed for you. More about cookies.