InsurGrid makes it easy to securely connect your insurance accounts. Once connected, InsurGrid works to verify ownership of your account and transfer the data you’ve permissioned from your insurance carrier in a way that’s safe and secure.
The intent of this statement is to assist customers and partners with an active business relationship with InsurGrid, Inc. to document InsurGrid’s compliance with cybersecurity regulations.
InsurGrid takes great strides to safeguard our user's data within our comprehensively hardened infrastructure.
We use Amazon Web Services for our website infrastructure, where our data is physically stored within their world class data centers that use state-of-the-art multilayer access, alerting, and auditing measures.
We follow industry best practices to safeguard our users’ data.
InsurGrid encrypts data in transit. Data controlled by InsurGrid is encrypted in transit using Secure Socket Layer / Transport Layer Security (SSL/TLS). Data that contains sensitive data has an additional layer of AES 256-bit encryption.
InsurGrid encrypts data at rest using AES-256 encryption algorithm.
InsurGrid deploys controls to limit access to relevant information systems and Nonpublic Information.
We use Stripe for payment processing and do not store any credit card information. Stripe is a trusted, Level 1 PCI Service Provider.
InsurGrid implements a protocol for handling security events which includes escalation procedures, rapid mitigation, and post mortem. All employees are informed of our policies.
InsurGrid has a Responsible Vulnerability Disclosure program. You can read more details about our program, the rules of engagement, and how to submit vulnerability reports at https://insurgrid.com/disclosure.
If you have a security concern, question, or are aware of an incident, please send an email to security@insurgrid.com, a carefully controlled and monitored email account.
Last Updated: August 25, 2022