Axcient holds our partners' data in highest regard. We maintain data integrity and protect partner data through methods that avoid compromise. Our current policy of data destruction is to never remove data unless specifically requested by the partner or data owner or if an account has expired for a substantial length of time. This policy has been updated to match the requirements of GDPR (General Data Protection Regulation).
CloudFinder uses military-grade encryption when transporting data over Secure Sockets Layer (SSL) encrypted connections. From the SSL encrypted connections it routes to an HTTPS stand-alone processes running behind a firewall. Our Server Side Encryption (SSE) uses at minimum 128-bit SSL (128-bit) in transit and 256-bit Advanced Encryption Standard (256-bit AES) at rest. Stored data is only accessed by Office 365 applications from behind a firewall.
The current status of HIPAA compliance for each of our services can be found here: