One destination for procurement, legal, and security review.
Everything a buyer's security or compliance team needs to evaluate Veri-Tech: how we handle data, who we share it with, the terms that govern it, and the frameworks we cover. Each link is the source of truth for its topic — version-controlled and updated as the product evolves.
Last reviewed: 2026-04-29
Where everything lives.
Each pillar links to a canonical, version-controlled page. Use these in your vendor risk assessment, DPIA, or BAA package.
Security Posture
Read-only by default, scoped JIT write authorization, X.509 certificate auth, US-based infrastructure, and incident response contact.
Sub-Processors
The version-controlled list of every third party Veri-Tech engages, with HIPAA Business Associate status, ePHI handling, and a 30-day change-notice mechanism.
Data Processing Agreement
Customer Controller / Veri-Tech Processor framework, technical and organizational measures, EEA/UK/Swiss transfer mechanisms (Standard Contractual Clauses), and audit rights.
Privacy Policy
What we collect, how we use it, where it lives, and how to exercise data rights. No advertising trackers, no third-party analytics on authenticated portal pages.
HIPAA & Business Associate Agreement
Veri-Tech does not require, request, or process PHI to operate. A Business Associate Agreement is available for Customers with the HIPAA Compliance Pack. Email legal@veri-tech.net to request the template.
Terms & Acceptable Use
Master terms governing use of the Service, plus the Acceptable Use Policy that defines prohibited conduct and tenant scope.
Compliance frameworks we cover.
Veri-Tech maps tenant configuration to controls across multiple public frameworks. Framework references are nominative — Veri-Tech is not affiliated with or endorsed by these publishers.
Questions for security, privacy, or legal?
Reach the right team directly. We respond to vendor risk questionnaires, DPIA requests, and BAA / DPA execution requests in under five business days.