As an agile team that handles sensitive data, we not only need an error monitoring tool that fits into our continuous deployment and development process, but we must make sure that we protect our client’s sensitive data while meeting HIPAA compliance.Warren Habib CTO

Security in mind

We're always working to improve our security features, policies, and procedures

Penetration testing

Independent testing and internal audits are conducted regularly

Security training

We conduct regular security training that meets HIPAA standards

Incident reporting

We have a responsible disclosure policy for vulnerabilities found

Contingency planning

Procedures are in place in the event of service disruptions and disasters

Encryption at rest

All data is encrypted at application level with AES-256 GCM encryption

Access controls

SAML-based SSO, two-factor authentication, and policy-based access

Audit controls

Comprehensive and auditable logs of user activities

Data scrubbing

PII, PHI, PCI data filtering and removal, and custom data retention period

Common questions

Expand Question

Expand Question

Yes, you have the option to have Rollbar sign a BAA with you to ensure that we - as your business partner with access to PHI - is HIPAA-compliant. We offer standard BAA as an add-on to existing paid plans, or custom BAA as part of the Enterprise plan. Please contact Sales to learn more.


Expand Question

Expand Question

Loved by developers, trusted by enterprises