Brightstead Technologies

Security

Last updated: January 28, 2026

Our Commitment to Security

At Brightstead Technologies, security is not an afterthought—it is foundational to everything we build. Our team includes veterans of mission-critical systems where failure was not an option, and we bring that same discipline to protecting your data.

Encryption

All data transmitted to and from our Services is encrypted using 256-bit TLS encryption. Data at rest is encrypted using AES-256 encryption. We enforce HTTPS across all endpoints and services.

Infrastructure

Our infrastructure is hosted on enterprise-grade cloud platforms with SOC 2 Type II certification. We employ multiple layers of security including firewalls, intrusion detection systems, and regular penetration testing.

Compliance

Our security practices are designed to meet or exceed:

  • HIPAA requirements for protected health information
  • SOC 2 Type II standards for security, availability, and confidentiality
  • GDPR requirements for data protection
  • CCPA requirements for California consumer privacy

Access Controls

We implement strict role-based access controls (RBAC) to ensure that only authorized personnel can access sensitive systems and data. All access is logged and audited regularly.

Deterministic AI Security

Our deterministic AI engine produces 100% auditable decisions. Unlike generative AI systems, our technology does not hallucinate or produce unpredictable outputs. Every eligibility determination can be traced back to its source data and logic, ensuring transparency and accountability.

Incident Response

We maintain a comprehensive incident response plan that includes automated monitoring, rapid containment procedures, and transparent communication protocols. In the event of a security incident, we are committed to prompt notification of affected parties.

Responsible Disclosure

We welcome responsible security research. If you discover a potential security vulnerability in our Services, please contact us at security@brightstead.com. We are committed to working with researchers to address any issues promptly.

Questions

For security-related questions or concerns, please contact our security team at security@brightstead.com.