📣   U.S. Bank acquires healthcare payments platform Salucro Healthcare Solutions - Learn More

Security at Salucro

It Goes Even Deeper Than Trust & Safety

Maintaining compliance and adhering to our commitment to protecting client and patient data is more than just our responsibility, it’s something that we're incredibly passionate about.


HIPAA Compliant

HIPAA Compliant (HITRUST CSF Certified)

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is one of the primary regulatory framework that pertains to the use and disclosure of certain patient information and how that information must be securely protected. As a HIPAA-compliant organization, we employ industry-leading data privacy and security safeguards designed to ensure all patient data is safe and secure.

In fact, in furtherance of Salucro’s commitment to protecting patient data, Salucro obtained HITRUST CSF certification for the Salucro Payment Platform. The HITRUST CSF framework is designed to provide an integrated security approach as well as a way to demonstrate compliance with HIPAA security requirements to a third-party assessor.


P2PE PCI Validated

Point-to-Point Encryption Validated

The Salucro Payment Platform is a Point-to-Point Encryption (P2PE) Validated Solution, combining secure payment devices, applications, and security practices to securely process encrypted payment card data. Find our listing on the PCI Security Standards Council website.


PCI DSS Compliant

PCI DSS Compliant

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security and operational standards applied to the secure use, processing, and storage of payment card data. By certifying to PCI DSS as a Level 1 Service Provider, Salucro demonstrates that the Payment Platform meets the same set of security standards designed to ensure that all companies that accept, process, store, or transmit payment card information maintain a secure environment.


SOC 2 Type II Compliant

SOC 2 Type II

Salucro undergoes a SOC 2 Type II audit on an annual basis to demonstrate adherence to the critical operational principles of Security, Processing Integrity, Availability, and Confidentiality with respect to data that flows through the Salucro Payment Platform.


SOC 1 Type II Compliant

SOC 1 Type II

In addition to the annual SOC 2 Type II audit of critical operational principles, Salucro undergoes an annual SOC 1 Type II audit focused on maintaining best practices for internal controls relating to financial reporting.