Security
Overview
Joyfill follows industry best-practices to keep your data safe:
You can only access the Joyfill service via TLS (https). When you submit data to for storage or to generate a PDF, this data is encrypted at rest using AES-256.
All stored files are encrypted at rest, using the AWS Key Management Service. This includes template PDFs, generated PDFs, and any other files that are stored in Amazon S3.
Passwords are salted and hashed with high level expansion rounds. We do not store plaintext passwords in our database.
We subscribe to security mailing lists and patch any vulnerabilities as soon as possible.
Compliance (HITRUST, HIPAA, SOC 2, PCI DSS, etc.)
To maintain compliance we offer a self-hosting option. Our self-hosting option allows you to retain and manage all template, submission, file and any other data directly in your own system. See Self-Hosting or reach out to our team directly via live chat at https://joyfill.io
Vulnerability Disclosures
Joyfill welcomes vulnerability disclosures. Please send an email to [email protected] to report any security vulnerabilties.
Questions
Reach out directly to our team using our live chat at https://joyfill.io
Updated 6 months ago