Skip to main content

Security & Compliance

eCourtDate is built to meet the strict security requirements of government and justice-sector organizations. Here is a plain-language overview of what each compliance term means and why it matters:

  • CJIS-compliant — CJIS (Criminal Justice Information Services) is an FBI security policy that governs how criminal justice data must be handled. Compliance means eCourtDate meets the standards required for systems that process law enforcement and court data.
  • FedRAMP High compliant — FedRAMP (Federal Risk and Authorization Management Program) is a government-wide framework for evaluating cloud security. "High" is the most stringent level, required for systems handling the most sensitive government data.
  • Encryption at rest (AES 256-bit) — Data stored on eCourtDate servers is encrypted, meaning even if someone gained physical access to the storage hardware, they could not read the data without the encryption key.
  • Encryption in transit (HTTPS) — All data sent between your systems and eCourtDate is encrypted during transmission, preventing eavesdropping.
  • FIPS 140-2/140-3 — A federal standard for cryptographic modules. eCourtDate uses AWS cryptographic services validated to this standard, ensuring encryption meets government-approved requirements.
  • MFA mandatory — Multi-Factor Authentication requires a second verification step (like an authenticator app or hardware key) beyond just a password, significantly reducing the risk of unauthorized access.

Full Security Overview

  • HTTPS enforced in transit; AES 256-bit encryption at rest
  • AWS FIPS 140-2/140-3 compliant cryptographic services
  • Hosted in AWS GovCloud (US)
  • CJIS-compliant environment
  • FedRAMP High compliant
  • MFA mandatory (app and hardware-based)
  • CloudFlare for DDoS protection and Web Application Firewall
  • OWASP Top 10 and CWE/SANS Top 25 automated security scans
  • 99.95% uptime with automated hourly data backups
  • Granular CRUD permissions per record type

Subsections