Interested in a demo of our CareGLP platform to deliver GLP-1s at scale?
Request Demo Here!

Security at CareValidate

Security Information

Last Updated: April 1st, 2023

Data Security

CareValidate encrypts data at rest and in transit for all of our customers. We use Google Cloud Platform's Cloud Key Management tool to manage encryption keys using hardware security modules for maximum security in line with industry best practices.

Application Security

CareValidate regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment.

CareValidate also uses high-quality static analysis tooling provided by Snyk and GitHub Dependabot to secure our product at every step of the development process. We fix all vulnerabilities as soon as they are detected.

Infrastructure Security

CareValidate uses Google Cloud Platform and Heroku to host our web applications, backend servers, and databases. We make full use of the security products embedded within the GCP system.

SOC 2 Compliance

As of April 1, 2023 CareValidate is proud to be SOC Type 2 compliant.

SOC2 Compliant