Trust Center
Xolvara Trust Center: PCI-DSS SAQ-A in place, HIPAA program in active build, SOC 2 program in scope. Controls mapped to HIPAA Security Rule, SOC 2 Common Criteria, and NIST CSF. Tenant-isolated data per practice, audit logging on every PHI touchpoint, TLS 1.2+ encryption in transit, role-based access with admin email OTP 2FA, PCI-isolated billing.