Security & Compliance — ClaimPigeon

Compliance & Security You Can Trust

Insurance agencies rely on ClaimPigeon to handle sensitive policyholder documents during intake. Our platform is built with strict protections to keep information private, secure, and under your agency's control. Agencies remain responsible for claims handling and compliance obligations.

Strong Encryption

All documents and information are encrypted while in transit and while stored, using modern security standards to ensure client data remains protected at all times.

Secure Team Permissions

Your agency controls who can view claims, upload documents, or manage settings. Only authorized team members can access sensitive information.

Full Activity Tracking

Every important action—uploads, downloads, updates, and status changes—is recorded with timestamps for complete visibility and compliance reporting.

Reliable Cloud Infrastructure

ClaimPigeon runs on secure, redundant cloud systems with automatic backups, encryption, and continuous monitoring to ensure maximum uptime and protection.

Private Agency Data

Your agency’s documents and claim information are kept fully separate from other organizations. Access is restricted to authorized team members within your agency.

Designed for Safety

Every part of ClaimPigeon follows strict “minimum access” principles, meaning systems and team members only receive the access they absolutely need—nothing more.

Data Security, Architecture & Compliance

Multi-Agency Data Isolation

ClaimPigeon enforces agency-level isolation across application logic, storage, and access controls. Every request is scoped to the active agency context. Elevated administrative access requires explicit authorization and is fully audited to ensure transparency and accountability.

Secure File Handling

Uploaded documents undergo validation and integrity checks prior to storage. Files are encrypted at rest and stored in isolated environments. Sensitive content is only accessible through authorized application flows and is not logged in plaintext.

Infrastructure & Deployment Security

ClaimPigeon runs on hardened cloud infrastructure with automatic HTTPS, container isolation, and continuous monitoring. Secrets are stored using managed secret services and accessed through least-privilege IAM roles. Deployments are versioned, verified, and traceable through CI/CD pipelines.

Audit Logging & Visibility Controls

Critical actions—including impersonation events, file access, configuration changes, and claim updates—are captured in immutable audit logs. Personally identifiable information (PII) is minimized and redacted where appropriate to support compliance and data protection practices.

Data Lifecycle Management

ClaimPigeon supports secure data retention, archival, and deletion processes. Encryption is maintained throughout the data lifecycle—from intake and processing to archival or deletion—based on agency configuration and policy.

Security-First Architecture

ClaimPigeon's architecture is designed around modern security best practices including tenant isolation, auditability, least-privilege access controls, and secure infrastructure design.