Finexio uses a HIPAA and PCI-compliant platform to host all of its apps.
Finexio’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Service (AWS) technology. Finexio uses a HIPAA and PCI-compliant platform to host all of its apps.
Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
Third-party security testing of the Finexio application is performed by independent and reputable security consulting firms. Findings from each assessment are reviewed with the assessors, risk-ranked, and assigned to the responsible team.
For more information please visit: https://www.heroku.com/policy/security