At ConnectiveRx, we prioritize safeguarding our customers' sensitive information. To achieve this, we’ve implemented a robust security program built on industry-leading frameworks, including the NIST Cybersecurity Framework (CSF), SOC 2, HIPAA, and PCI. Our adherence to these standards ensures the highest level of security, with annual third-party attestation audits for SOC 2 (Type II for Security, Privacy, and Confidentiality), SOC 1 (Type II), HIPAA, and PCI, providing our customers with added assurance.
Our dedicated Information Security Team is organized into key areas for maximum effectiveness:
-
Chief Information Security Officer (CISO): The CISO oversees the entire Information Security program, sets strategic direction, manages security investments, leads technical security functions, and informs the Executive Management Team of any security-related risks.
-
Sr. Director of Information Security GRC: This role leads the Governance, Risk, and Compliance (GRC) team. This team ensures our security policies and procedures are up-to-date, conducts thorough testing and documentation of security controls, manages third-party attestation audits, and oversees the Information Security Risk Management process including Third Party Risk.
-
Manager of Information Security Operations: This role leads the Information Security Operations team. This team is responsible for the day-to-day oversight of all security platforms and controls, responds to escalated security events, maintains technical security infrastructure, and develops and executes security runbooks.
Through this structure, ConnectiveRx maintains a proactive and comprehensive approach to information security.
If you need help using this Security Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.