Identity VerificationIDV checks enforced during sensitive processes, such as healthcare.gov applications
EncryptionFully secured by 256-bit encryption and isolated strictly-controlled VPCs
PrivacyNo selling or sharing data. Internal access is limited, logged, and audited.
SeparationInformation across parts of Catch are distributed, not comingled
Independent AuditsConducted at least annually, including over 400 CIS and NIST controls
Automated MonitoringRobust alert and logging framework for uptime, money, and enrollment