Image
Earning
your
trust
through
data
security

Our platforms and security infrastructure are designed to protect YOUR data and eliminate unnecessary disruptions to YOUR business. The combination of the best security technologies, regular scanning & testing, audits performed annually on our security program, and HIPAA compliance enables us to protect both you and your data. At nVoq, here is what we do to protect YOUR data...

Independent Audits Ensure Integrity, Privacy & Availability

The nVoq platform undergoes regular, rigorous independent audits in accordance with the AICPA’s SOC2 Type 2 standard, to confirm compliance and safeguarding of client data.

To ensure that the necessary security protocols are in place and function properly, nVoq undergoes a SOC2 Type 2 assessment annually, based on these four Trust Service Principles…

  1. Security
  2. Availability
  3. Confidentiality
  4. Privacy

nVoq’s HIPAA compliance is included under its SOC2 Type 2 program, so that it undergoes an independent third-party audit every year, even though having an external audit is not required by HHS.

nVoq goes above and beyond to ensure the safety, security, and privacy of your data.

Additional Security Documentation:

U.S. HIPAA

CANADA

DATA PERSISTENCE

SECURITY BRIEF

High Availability and Redundancy
In order to ensure you have high availability and redundancy, nVoq operates its speech recognition platform in a secure, hosted environment to ensure the security of YOUR data, uptime and performance. Redundant data centers and multiple independent Internet service providers ensure availability. Redundant hardware is in place throughout the network infrastructure to ensure network traffic delivery. We protect the environment from hardware failure by utilizing load balancing and clustering technologies.
Monitoring and Backup

nVoq utilizes advanced monitoring technologies on all levels of our applications and infrastructure. This includes a status page published to the internet for customer access regarding system status and even notification. This information is also available via text or email subscription 24/7 to ensure real-time alerting and response on any issues.

nVoq relies on a multi-tiered, redundant backup strategy to help ensure recovery of archived data. Backup procedures include frequent snapshots of all critical client data to multiple media types and geographically diverse locations.  We test backups regularly to ensure recovery reliability. We encrypt and securely transport offsite data backups to alternate locations.

Foundational Security Technology

Your confidence in our ability to manage and protect YOUR sensitive patient data is important to us. We protect our client’s data with a defense in depth approach, that includes powerful underlying technology tools such as:

  • Data Encryption for data in Motion and at Rest
  • Strong Encryption Technologies
  • MFA employed strategically on our platform
  • Intrusion Prevention System (IPS)
  • Intrusion Detection System (IDS)
  • Web Application Firewalls (WAF)
  • Network Firewalls
  • Virus and Malware Detection & Removal
  • Penetration Testing
  • Vulnerability Scanning
  • Dynamic Application Security Testing (DAST)
  • Static Application Security Testing (SAST)
  • Software Composition Analysis (SCA)
  • Clear, Deep and Dark web monitoring

Clients access our platform environment via encrypted TLS sessions. We encrypt sensitive customer data both during transmission and at rest using the same industry standard protocols used by modern financial institutions.

Availability & Disaster Recovery Protocols

The nVoq platform is designed to allow upgrades and updates without service interruptions to maximize availability to our customers and their users. We maintain, review, and test our disaster recovery plan to be well-prepared for potential disasters. At a high level, we have plans in place to coordinate key personnel, restore critical infrastructure systems, data, application functions, and conduct post-failover validation. These plans are tested regularly. Not only do we review the results of disaster recovery testing activities, but we also update and refine our plans as needed to improve our level of preparedness.

nVoq employs AWS cloud hosting for its production and staging platforms. Each of these platforms is spread across at least 3 availability zones (i.e., separate data centers in a single region) and in the US, disaster recovery is accomplished by maintaining a copy of customer data in a separate AWS region, but US customer data is always located in US-based data centers. nVoq's Canadian platform is hosted in multiple AWS Availability Zones inside the international boundaries of Canada.

Security Designed into Our Platform

nVoq believes that protecting your critical data is worth the extra effort and so we have designed security into our platform. As just a few examples, you can require your company administrators to utilize multi-factor authentication for system log-ins, all relevant account administration activities are logged and retained, data persistence is configurable by your company administrators, strong passwords are required for all administrators. We have a program to proactively apply important patches and to rapidly patch publicly disclosed vulnerabilities. All nVoq client software access requires a unique username and password.

For more information on our compliance efforts or for answers to your security questions, please reach out to us: 

For more info talk to us!
nVoq

SOLUTIONS

Clinician Outcomes
Financial Outcomes
IT Enterprise Value

ABOUT US

Company
Support
Careers
Contact Us
Security

SOCIAL

Facebook
Twitter
LinkedIn

© 2025 nVoq Incorporated. All rights reserved.

nVoq Incorporated | 2995 Baseline Road | Suite 306 | Boulder, Colorado 80303 | Contact Sales 1-866-383-4502

Privacy Policy