Central Trust Center
At Central AI, security isn't just a feature—it's foundational to everything we build. Our security-first mindset drives our development processes, infrastructure decisions, and organizational policies. We treat the data entrusted to us—whether from our customers, their end users, or anyone who interacts with our organization—with the utmost care and responsibility. Security is embedded in our DNA, enabling us to deliver innovative solutions without compromising on protection.
Compliance
Resources
SOC 2 Type I Report
Statement of Applicability
Data Classification Policy
Information Security Management System Statement of Applicability
Vendor Management Policy
Controls
Remote access tool
ePHI policy accessibility evidence
Access restricted to modify infrastructure
Access control procedures
Access review of infrastructure
Encryption of data
Database backups
Privacy and confidentiality governance charter
ePHI data sanitization
Backup and recovery policy
Source code tool
Vulnerability scanning
Business continuity and disaster recovery testing
Web application firewall
Sample code changes
SSL/TLS certificates for infrastructure
Intrusion detection tool
Infrastructure baseline hardening policy
Monitoring, measurement, analysis and evaluation
Monitoring tool
Security incident list
Alerts and remediation
Breach notification communication
Incident response and breach notification policy
Whistleblower policy
Log management tool
ePHI risk assessment report
Vendor management program
Vendor onboarding
Vendor termination
Vendor list
Media disposal training
New employee and contractor agreements
List of newly hired employees & contractors
Existing employee and contractor agreements
Employee handbook
Multi-availability zones
Asset register maintaining
Risk and Governance Executive Committee meeting minutes
Risk management program
Mobile device management tool configurations
Key management services used
Ticketing tool
Security-related roles
Termination checklist