Trust Center · Always-on transparency

The same controls federal evaluators expect. Built into every module.

HS GovTech serves 1,000+ government agencies, including statewide environmental health departments. We engineer to the same compliance bar federal contractors do — and we publish the evidence rather than make you ask for it.

Request audit reports View live Trust Center

Live Trust Center

Audit reports, security questionnaires, and policies — published, not promised.

Your existing SOC 2 evidence lives at trust.hsgovtech.com today, powered by Vanta. Surfacing it here means procurement officers stop emailing for PDFs and start self-serving — directly on the site they already trust.

Vanta embed slot

Vanta Trust Center renders here

Drop an HTML Embed element in this exact position and paste the Vanta Trust Center embed code (Vanta → Trust Center → Settings → Embed). The badges below show what visitors will see surfaced from your existing program.

SOC 2 Type II report Security controls Subprocessor list Policy library

Compliance & Certifications

Engineered to the bar. Audited annually.

Every certification, control, and architectural choice is built for the agencies who protect our communities — not bolted on after the fact.

Defense in depth

Government-grade security, certified end to end.

Every layer of HSCloud — from field device to data warehouse — is engineered against the same controls federal and statewide agencies demand. We don’t bolt compliance on. We build to it, and we re-prove it on an annual audit cycle.

SOC 2 Type II FedRAMP In-Process CJIS HIPAA AES-256 RBAC WCAG 2.1 AA

See the document library

SOC 2 Type II Certified

Independently audited security, availability, and confidentiality controls.

FedRAMP In-Process

Federal Risk and Authorization Management Program authorization underway.

CJIS Compliant

Criminal Justice Information Services security policy alignment.

HIPAA Compliant

Protected health information handled per federal mandate.

AES-256 Encryption

At rest and in transit. Keys rotated automatically.

Role-Based Access Control

Granular per-user, per-agency, per-record permissions.

Tenant Isolation

Hard boundaries between agencies. Zero cross-tenant leakage.

99.99% Uptime SLA

For the agencies that protect our communities.

How we protect your data

Defense in depth, audited end to end.

Five layers, each independently verified. No single point of failure between a field device and your data warehouse.

Encryption everywhere

AES-256 at rest, TLS 1.3 in transit, automatic key rotation. Customer-managed keys available for state deployments.

Role-Based Access Control

Granular permissions per user, per agency, per record type. SAML/SSO with Okta, Azure AD, and ADFS.

Tenant isolation

Hard tenant boundaries. Every record carries its agency identifier. Zero cross-tenant data leakage by design.

Audit trail by default

Every read, write, and admin action recorded with actor, timestamp, IP, and payload diff. Exportable for evidence.

Resilient infrastructure

Multi-AZ deployment, automated failover, point-in-time backups, and a 99.99% uptime SLA for the agencies that protect our communities.

For procurement officers

Everything an evaluator asks for, in one place.

Request access and we’ll grant your team a credentialed view of the full evidence set — no NDA back-and-forth, no PDF chasing.

SOC 2 Type II report

CJIS attestation

HIPAA BAA

FedRAMP status

Penetration test summary

DR & BCP plan

Subprocessor list

DPA + insurance certs

Request access

Map your RFP controls to our posture

Hand us your security questionnaire. We’ll hand it back answered.

A 30-minute session where we walk your evaluators through the controls, line by line, against the requirements in your RFP.

Book a Demo Visit the live Trust Center