Security at Onclaim
We handle sensitive employee data every day. Security is not a feature we added later. It is how we built the product from day one.
Compliance
SOC 2 Type I
Onclaim has completed a SOC 2 Type I examination. Reports are available under NDA.
SOC 2 Type II
Currently in the observation period for SOC 2 Type II, expected Q2 2026.
Trust Center
Visit our Trust Center at trust.onclaim.com for real-time compliance status, policies, and documentation.
Data protection
US-only hosting
All customer data is stored exclusively in the United States.
Encryption everywhere
Data is encrypted in transit and at rest using industry-standard protocols.
Customer deletion
Request deletion of your data at any time. Retention is configurable per client.
Automation & oversight
Human review
Sensitive decisions always include human review. Automation assists, it does not replace judgment.
Traceable actions
Every automated action is logged and auditable. You can see what the system did and why.
Full audit logging
End-to-end logs for all access and changes. You can audit everything we do on your behalf.
Identity & access
Single sign-on
Authenticate with your existing identity provider via WorkOS.
Passwordless login
Log in securely with email-based one-time codes.
Role-based access
Granular permissions ensure users only see what they need to see.
Questions about security?
Request our SOC 2 report, review policies, or submit a security inquiry through our Trust Center.