Oramasearch, Inc. Trust Center

Oramasearch, Inc. is committed to protecting the security, privacy, and integrity of our systems and customer data. We implement industry-standard technical and organizational measures designed to safeguard information against unauthorized access, disclosure, alteration, or destruction. Security and privacy are core considerations throughout our product development and operational processes, and we continuously review and improve our practices to meet evolving risks and compliance requirements.

trust@orama.com

Compliance

Resources

Baseline Hardening Policy

Vendor Management Policy

Incident Response Policy

Data Classification Policy

Board of Directors Charter

Controls

Access control procedures

ePHI policy accessibility evidence

Remote access tool

Access restricted to modify infrastructure

Access review of infrastructure

Encryption of data

Data disposal policy

Privacy and confidentiality governance charter

ePHI data sanitization

Database backups

Source code tool

Business continuity and disaster recovery testing

Vulnerability scanning

Web application firewall

Sample code changes

SSL/TLS certificates for infrastructure

Intrusion detection tool

Infrastructure baseline hardening policy

Monitoring tool

Infrastructure firewall

Security incident list

Alerts and remediation

Breach notification communication

Incident response and breach notification policy

Whistleblower policy

Log management tool

ePHI risk assessment report

Vendor management program

Vendor list

Vendor termination

Vendor onboarding

New employee and contractor agreements

Media disposal training

List of newly hired employees & contractors

List of active employees & contractors as on date

Employee handbook

Asset register maintaining

Multi-availability zones

Risk and Governance Executive Committee meeting minutes

Risk management program

IAC-6

IAC-3

CRY-3

IAC-0

DCH-3