Security at Delphina

Built from the ground up for security, privacy, and compliance.

Customer data is isolated, authorized, and encrypted. Your data will never be used to train shared models.

Security certificate

AICPA SOC 2

Delphina is AICPA SOC 2 Type II certified, underscoring our commitment to maintaining top-tier security standards with regular third-party penetration testing.

Security certificate

HIPAA

Delphina has achieved HIPAA verification, highlighting our adherence to the high level of security procedures required for medical data.

Why We're Different

Data Security

You Own Your Data

Delphina does not sell data or use customer data to train shared models

Hosting Options

Run Delphina either in our secure AWS cloud or deploy inside your VPC so that raw data never leaves your security perimeter.

Encrypted In Transit

All communications between clients and services as well as service and data stores are secured using TLS encryption.

Encrypted at Rest

All data stores are configured with encryption at rest with AES 256 bit encryption using AWS managed encryption keys

Single Tenant (Optional)

All raw data is proessed on dedicated single tenant machines.

In Sync with Source

Raw data is only cached, so existing GDPR and CCPA processes work as they are.

Why We're Different

Product Security

Authentication & Authorization

Authentication is performed via SAML SSO or OAuth 2.0 with your identity provider. Access to resources is authorized at every level of the stack, including the underlying networking, compute, and storage infrastructure.

Fine-Grained
Access Control

Delphina respects access control settings from each data integration you connect.

Audit
Logging

Comprehensive audit logging is available of Delphina usage

Corporate Security

Background Checks

All new team members are required to complete a background check during onboarding, as permitted by local law.

Security Training

All employees are required to complete security training as part of their onboarding process.

Operational Security

Security Testing

We conduct a range of security tests on an ongoing basis, including penetration testing, static and dynamic module scans, and code scanning.

Detection and Response

We employ a range of detection methods throughout our stack, including monitoring administrative endpoints, and have formalized a robust response framework should an incident arise.