Data Encryption In Transit and At Rest
TPA Stream services support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit. Customer Data is encrypted at rest.
We monitor the changing cryptographic landscape closely and work promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, we do this while also balancing the need for compatibility for older clients.
Security Features for Team Members & Administrators
Team Administrators can require all users to set up two-factor authentication on their accounts.
Team Administrators can integrate their TPA Stream services instance using SAML SSO.
External Security Audits
We contract with respected external security firms who perform regular audits of TPA Stream services to verify that our security practices are sound and to monitor TPA Stream services for new vulnerabilities discovered by the security research community. In addition to periodic and targeted audits of TPA Stream services and features, we also employ the use of automated security scanning of our platform.
About TPA Stream
TPA Stream is an insurtech software company based in Cleveland, OH. We work with health insurance brokers and third-party administrators to help them win business and streamline operations.
Our customers tell us they love working with TPA Stream because we are flexible, easy to work with, and constantly developing new and innovative solutions. TPA Stream has undergone a SOC 2 audit, and a copy of TPA Stream’s most recent report is available upon request.