We understand that the 30,000+ businesses that use EaseCentral place a high level of trust in us. EaseCentral makes security and the privacy of customer data a top priority. The information on this page is intended to provide transparency about how we protect data. We’re always making security improvements and will keep this page up to date with our latest policies and procedures.
EaseCentral follows Cal data privacy regulations, is HIPAA compliant, and is currently finishing up SOC 2 type 1. Beyond that, your data is encrypted with industry standard AES-256 both at rest and in transit. All brokers and employer admins, and EaseCentral employees are required to enable 2 factor authentication for secure access. Finally, we scan all data uploaded for viruses and malicious programs.
The reality is that you can never be 100% secure, which is why monitoring is just as important as security. EaseCentral runs regular assessments, including vulnerability and penetration testing from 3rd party vendors, and undergoes audits and reviews to ensure up-to-date best practices. We also track all data access and system changes and store changes securely.
EaseCentral’s management team takes security seriously, requiring employees to follow strict security procedures. Before an employee is hired a background check is conducted. All employees complete monthly security training and procedure testing and have access to EaseCentral on an as needed basis and require complex passwords.
EaseCentral’s servers reside in industry leading cloud service provider AWS and adhere to best practices. EaseCentral hosts data in multiple regions for both high availability and disaster recovery purposes. Servers are located in a Virtual Private Cloud and data is encrypted both during transmission and at rest.