Apptoto
Hosting Security and Compliance
Apptoto is entirely hosted on Amazon Web Services (AWS). AWS is a popular cloud hosting service used by many developers to host their web applications.
AWS complies with a number of cybersecurity certifications, regulations, and assessments. Many of these programs require an independent agency to audit activities. You can find more explicit details about the agencies and methods used in AWS’s documentation, sourced below.
AWS is currently in compliance with certifications and regulations including the following:
- HIPAA - “Includes provisions to protect the security and privacy of protected health information (PHI).” (Source)
- HITECH - 2009 expansion to HIPAA. “HIPAA and HITECH impose requirements related to the use and disclosure of PHI, appropriate safeguards to protect PHI, individual rights, and administrative responsibilities.” (Source)
- ISO 9001:2015 - “Outlines a process-oriented approach to documenting and reviewing the structure, responsibilities, and procedures required to achieve effective quality management within an organization.” (Source)
- ISO 27001:2013 - “A security management standard that specifies security management best practices and comprehensive security controls …” (Source)
- PCI DSS - A standard outlining guidelines for any entity that stores, processes, or transmits cardholder data. AWS is certified as a Level 1 Service Provider, the highest level available. (Source)
- SOC 1, 2, & 3 - “Independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives.” (Source)
For a full list of compliance programs, check out the official AWS compliance center at https://aws.amazon.com/compliance/programs/.
Apptoto Policies
Apptoto provides a number of security and compliance policies on their Security Policies page.
Below is a summary of the most important policies, with links to view each document in its entirety.
- Web Application Security Policy - outlines the steps Apptoto takes to safeguard their application’s security
- Acceptable Encryption Policy - describes the encryption standards that Apptoto utilizes in their software
- Data Breach Response Policy - establishes a process for responding to data breaches