Trust Center
Everything your security review will ask.
The controls, certifications, and operating commitments that make Skillique safe to run a behavioral health business on.
HIPAA & 42 CFR Part 2
PHI and SUD records are protected per regulation, not per convenience. BAAs signed before any PHI lands.
US data residency
PHI stored exclusively in us-east-1 and us-west-2. No cross-border transfer, ever. Backups region-pinned.
Encryption everywhere
AES-256 at rest, TLS 1.3 in transit. Per-tenant encryption keys with rotation on demand.
99.95% target uptime
Multi-AZ Postgres, autoscaling app tier, blue/green deploys. Last 90-day measured: 99.97%.
Quarterly audit cadence
Internal access reviews quarterly, pen tests annually, vulnerability scans weekly with auto-remediation.
BAA on day zero
We sign a Business Associate Agreement before kickoff — not after the security review. SUD-confidentiality addendum included.
Uptime
Measured, not promised.
Excludes scheduled maintenance announced 7+ days in advance. Real-time component status at skillique.com/status.
Need something specific for your audit?
BAAs, SOC 2 Type I report, pen test summaries, architecture diagrams, and our DPA are available under NDA within 1 business day.