subscribili logo

We take security and privacy seriously. Our dedicated teams strive continuously to protect.

Account security

We limit access to your data to those who absolutely need it for their job duties.

Data privacy

Imagine a security fortress! We have multiple layers of security controls in place, like firewalls.

24/7 Threat Detection

Our security team employs advanced tools for continuous monitoring and real-time threat detection, ensuring swift risk identification and mitigation to keep your information safe.

Fraud prevention

Our payment processing system implements a machine learning algorithm trained on billions of data points to protect your patients from fraud.

Security and Compliance at Subscribili

Subscribili maintains SOC 2 Type II attestation and HIPAA compliance certification. Our SOC 2 Type II report and HIPAA certificate are available upon request.


Product Security

Access with Purpose

With role-based access controls, we ensure only authorized individuals can access necessary data, minimizing unauthorized access risks. Additionally, all employees complete annual HIPAA and technical security training.

Penetration and Vulnerability Tests

Subscribili uses a third-party security firm for annual penetration testing and employs automated SAST and DAST for continuous vulnerability monitoring of our applications.

Consistency is Key

Our security measures are applied consistently across all departments and systems within our company. This ensures no weak points where data might be vulnerable.

Constant Improvement

Security is an ongoing process. We regularly evaluate and enhance our security controls to stay ahead of evolving threats for increased protection of your data.


Enterprise Security


Endpoint protection

All corporate devices are centrally managed and equipped with mobile device management (MDM) software and anti-malware protection. Endpoint security alerts are monitored 24/7/365. Our MDM software enforces secure configurations, including disk encryption, screen lock settings, and software updates.

Secure remote access

Subscribili enhances the security of remote access to internal assets through a cutting-edge VPN platform, anchored by top-tier AES-256 encryption. Additionally, to safeguard our employees and their devices during internet browsing, we employ DNS servers that block malware.


Security education

Subcribili provides comprehensive security training to all employees upon onboarding and annually through educational modules within Subcribili ’s own platform. In addition, all new employees attend a mandatory live onboarding session centered around key security principles. All new engineers also attend a mandatory live onboarding session focused on secure coding principles and practices.

Identity and access management

Subscribili implements Google SSO and Rippling for robust identity and access management. We prioritize phishing-resistant authentication methods, favoring WebAuthn whenever feasible. Access to applications for Subscribili employees is role-specific, and rights are revoked immediately upon employment termination. Any further access necessitates approval in line with the designated policies for each application.

Data Privacy

Subscribili uses TLS 1.2 or higher for customer data encryption, with TLS keys and certificates managed by AWS using serverless architecture.

Responsible disclosure

If you believe you have discovered a vulnerability in our systems or applications, we request that you disclose it to us via our responsible disclosure form. Open Form

Regulatory compliance

Subscribili continuously reviews updates to regulatory standards and new frameworks to advance and refine our approach.

Privacy Policy and HIPAA Privacy Statement

View our Privacy Policy and HIPAA Privacy Statement