Compliance teams handle some of the most sensitive information there is. TraceScanMatch is built so that the content of a workspace stays private to the people inside it - encrypted, isolated, and accessible only to your members.
Privacy by design
A few principles guide everything we build, so you can give your team a private place to work.
Encrypted in transit
Every connection between you and TraceScanMatch is encrypted, so your data is protected as it travels across the network.
Encrypted at rest
Workspace content is stored encrypted, so the data is protected even where it lives.
Members only
Only the members of a workspace can read its content. Membership is controlled by your workspace administrators.
Isolated workspaces
Each workspace is separated from every other one. Your data is never mixed with another organization's.
Only your members can read your workspace
When your team creates client files, runs screenings, and records decisions, that content belongs to your workspace and stays there. It is encrypted so that it can only be read by the members you have authorized - not other customers, and not curious onlookers.
Access follows membership and role. Adding or removing access is something your workspace administrators control, so you always know who can see your data and can change it at any time.
We treat your content as off-limits
We operate the platform, but your workspace content is not something we browse, sell, or use to train anything. Our team does not need to read your client data to keep the service running, and our access controls are designed around that principle.
If we ever need to help you with a support issue, we ask for the least information necessary and never request your passphrase or recovery code.
Safeguards that build confidence
Beyond encryption, the product is designed to keep access deliberate and accountable:
Role-based access so people see only what their job requires
A clear audit trail of screening activity and decisions for later review
Account recovery handled as a deliberate, verified process rather than a casual reset
Sensitive operations kept server-side, away from the browser
A limited, vetted set of infrastructure providers under strict data-protection terms
Reporting a vulnerability
We welcome responsible disclosure. If you believe you have found a security issue, please email security@tracescanmatch.com and we will work with you to investigate and resolve it. Please do not publicly disclose an issue before we have had a chance to address it.