FinancialForce applications follow a rigid security policy and standards controls. They have a dedicated security team designed to protect customer information assets against a range of rapidly evolving threats. FinancialForce complies with the requirements of the HIPAA Security Rule that apply to FinancialForce in its capacity as a business associate. FinancialForce applications benefits from varieties of security controls implemented by Salesforce which includes:
- ISO 27001
- SSAE 16/ISAE 3402 SOC-1
- SOC 2
- SOC 3
- TÜV Rhineland Certified Cloud Service
A current list of security and privacy assessments and certifications of the Salesforce platform can be found at https://trust.salesforce.com/en/compliance/.