Your Data. Protected.
Your Trust. Earned.

CarePoint Solutions is committed to the highest standards of data security, privacy, and regulatory compliance — so your laboratory can focus on what matters most: patient safety.

SOC 2 - Audit in progress
GDPR - Ready
CCPA / CPRA - Ready
Trust

Security Built Into Every Layer.

From the infrastructure we run on to the code we ship, security is a first-class requirement — not an afterthought.
Cloud

Cloud Infrastructure

Hosted on AWS with Multi-AZ deployment across us-east-1 (primary) and us-west-2 (disaster recovery). ECS Fargate for compute, RDS Multi-AZ for databases, and S3 Cross-Region Replication for object storage.
Encryption

Encryption Everywhere

All data encrypted in transit with TLS 1.2+ and at rest with AES-256 via AWS KMS. Customer data is logically isolated with per-tenant encryption key management.
Monitoring

Monitoring & Incident Response

Continuous monitoring via Datadog APM, CSPM, and synthetic tests. CloudTrail audit logging retained for 36 months. Defined incident response SLAs: P1 acknowledgement within 1 hour.
Secure Development

Secure Development (SDLC)

Every code change passes automated SAST, secrets detection, SCA, and container scanning via Datadog before reaching production. Mandatory peer code review and staging validation on every PR.
Access Control

Access Control

Role-based access control (RBAC) with least-privilege enforcement. MFA required for all privileged accounts. Quarterly access reviews and immediate de-provisioning upon offboarding.
Business

Business Continuity & DR

RTO of 4 hours and RPO of 1 hour. Automated daily backups with 30-day retention. Disaster recovery runbooks tested annually. 99.9% uptime SLA for production services.

Certifications & Frameworks

We align with the frameworks that matter most to clinical laboratories and healthcare organizations.
SOC

SOC 2 Type II

Audit in progress covering Security, Availability, and Confidentiality trust service criteria. Report expected Q3 2026.
Find More Audit in Progress
GDPR

GDPR

Data Processing Addendum (DPA) available. Data subject rights honored within statutory timeframes. Privacy-by-design throughout the platform.
Find More Ready
ccpa

CCPA / CPRA

California consumer privacy rights fully supported. Data subject deletion and opt-out requests honored within 30 days.
Find More Ready
ISO

ISO/IEC 27001

Information security management controls aligned with ISO 27001 Annex A. Formal certification planned following SOC 2 audit completion.
Find More Ready

Empowering teams with trusted experiences

Security

Security Disclosures

 [email protected]

Privacy

Privacy & Erasure Requests

[email protected]

Platform Status

Platform Status

status.carepointsolutions.com

DPA Request

DPA Requests

[email protected]

Request Compliance Documentation

Enterprise buyers and procurement teams can request access to our compliance document library. Our security team responds within 1 business day.

  • Certain documents require a signed mutual NDA before 
access is granted.
  • For urgent inquiries :[email protected]
I agree to the Terms of Service and Privacy Policy. Certain documents require a signed mutual NDA before access is granted