Security & Compliance

Transparent, secure solutions for privacy-centric organizations.

Security & Compliance

Transparent, secure solutions for privacy-centric organizations.


Privacy-focused SaaS utilizing the latest in data security for healthcare compliance.

Canary is backed by a team of experts working tirelessly to maintain data security – from our development lifecycle, to continuous monitoring of our infrastructure and applications. Our technology is HIPAA-compliant and offers fully anonymous solutions. All research data collected through our API is de-identified in the analysis environment, ensuring complete user protection.


Built on industry-leading cloud platforms to ensure we’re always at the front of the pack.

We exclusively work with leading cloud partners who adhere to assurance programs including, but not limited to: SOC 1/ISAE 3402, SOC 2, SOC 3; FISMA, DIACAP, and FedRAMP; ISO 9001, ISO 27001, ISO 27017, ISO 27018. Environments are routinely audited, with certifications from accreditation bodies across geographies and verticals. Our technology is CIS Control Audited, vulnerability scanned, and has cleared all API penetration testing.

Data Security

Rigorously audited to ensure our systems architecture stays best-in-class.

Canary maintains robust data security procedures. We’re continually analyzing and updating our systems to implement the most secure data protections available. Staying up to date with the latest data protections is important to us. We verify our systems architecture, controls, and procedures annually through third party audits and penetration testing. All data is encrypted in transit with TLS 1.2 encryption, and at rest with AES-256 encryption.


Interested in learning more?

request a demo