Compliance and Data Security

Insurance Trust Monitor, INC. understands that the security and availability of our customer’s data is vital to their business operations and our own success. We use a multi-layered approach to protect information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security.


Our system is housed in a Tier 4 Data Center with full physical security and redundant power, cooling and networks with 24/7 monitoring. We backup critical data in real time onsite and store an encrypted backup daily at multiple data centers to prevent data loss and maintain data integrity. We regularly test and improve our backup and disaster recovery plans to reduce potential downtime in case of an emergency.

Network Security

Our network security incorporates several layers to protect from external threats, segregate internal traffic and protect against application specific threats. We have intrusion detection alerts logged to a dedicated security event management system with 24/7 monitoring.


In addition to our commitment to keep our systems secure, ITM has adopted and implemented data privacy and security policies designed to maintain the confidentiality of sensitive information. Our employees complete ongoing compliance training covering U.S. data privacy and protection, phishing, information security, and HIPAA privacy and security intended to keep our employees up to date with the latest practices and regulations.

Third-party Testing and Assessments

Knowing that even the best procedures and systems could have a weakness, ITM regularly uses third parties to test and audit our security controls. We conduct monthly network security assessments and annual third party application security reviews and penetration tests. On an annual basis, ITM obtains an independent third party validation of our system and practices as part of an annual SSAE-18 SOC 2 audit.