Hassle-Free Compliant Monitoring

Say hello to the only compliant SaaS error monitoring solution

Protect sensitive data

Advanced security features that help you keep PII safe and secure.

Regular Penetration Testing

Regular independent third party pen testing provides a thorough assessment of the security of our SaaS platform.

SAML-based SSO

Allows control and maintenance of identity management, resulting in fewer user identities and simpler accessibility across trusted domains.

Customized Data Retention

Control how often sensitive data, including PII and PHI, is stored and removed from your account.

Two-Factor Authentication

2FA offers an additional layer of security and is included with every user account.

PII Data Removal

Sensitive data is removed from electronic media, hardware, backups and online storage based on your security needs.

Personalized BAA and T&Cs

Custom Business Associate Agreements (BAAs) and terms ensure you are audit-ready while appropriately safeguarding your sensitive data.

Data Encryption

Data is encrypted at rest and in transit. Network communications use TLS (Transport Layer Security) with AES-256 encryption to ensure the integrity and privacy of your data.

Audit and Security Controls

Additional controls to secure account access, from access audit logs and maximum login attempts to limiting access to certain IPs.

Maintain compliance

Committed to meeting the rigorous standards for data security and privacy.


Maintain HIPAA compliance, without self-hosting. With BAAs, we support your business need to secure PHI and other sensitive data.

ISO 27001

ISO 27001 compliance shows our commitment to the highest standards of data protection, ensuring security policies are followed throughout our operations.

AICPA SOC 2 Type 2

Our facility and operational controls have been evaluated by an independent third party and meet the criteria set by AICPA. We comply with SOC 2 Type 2 to safeguard your sensitive data.

US-EU Privacy Shield

As an approved member of the EU-US Privacy Shield Framework, we follow all policies governing collection, use, and retention of personal information for our users in EU member countries.

Cloud Security Alliance

We're members of CSA STAR, the industry standard for security assurance in the cloud. Participation demonstrates the use of best practices for providing security assurances to our customers.

Don't waste time self-hosting

Compliance-conscious companies deserve SaaS too.

Burden of self-hosted solutions

  • Implementation
  • Scrub sensitive data
  • Audit controls
  • Data encryption
  • Backup and recovery
  • Managing compliance
  • IT personnel
  • Incident response

Benefits of Rollbar's SaaS solution

  • Real-time error monitoring and alerting
  • Hassle-free secure compliant SaaS
  • Data security and protection
  • Compliance with regulatory standards
  • Custom Business Associate Agreements (BAAs)
  • And a lot less work - free your team to focus

Frequently Asked Questions

Rollbar complies with:

  • ISO 27001
  • US-EU Privacy Shield

Our data center facility is also compliant with:

  • AICPA SOC 2 Type 2
  • ISO 27017
  • ISO 27018
  • PCI
  • US-EU Privacy Shield
  • Data encryption at rest and in transit
  • Two-factor authentication (2FA)
  • SAML-based Single Sign On (SSO)
  • On-Demand Data Removal
  • Customized Data Retention
  • …and more on our Security Docs.

In the past, compliance-conscious companies have either had to self-host error tracking solutions or opt out of using this monitoring service altogether. Neither of these choices is without its risks or hassles. With self-hosted solutions, your team must take on the cost and burden of implementation, infrastructure and ongoing operation. Also, on-premises installations aren't necessarily more secure. A healthcare data security report from IBM Managed Security Services (MSS) says that insiders were responsible for 68% of all network attacks targeting healthcare data in 2016. Almost two-thirds of those attacks were caused by people who used misconfigured servers and fell victim to phishing scams.

Rollbar lifts the burden of compliance off your shoulders. Compliant with industry standards such as HIPAA and ISO 27001, Rollbar protects sensitive data. No need for the compliance and management overhead of self-hosted implementations.

You get the same features and functionality of our error monitoring product along with compliance with standards such as HIPAA and ISO 27001. Plus, we provide additional security features such as data encryption, enhanced security controls, on-demand data removal and custom data retention policies. We also offer covered entities and business associate vendors signed Business Associate Agreements (BAAs) to indicate our commitment to the highest standards of data protection and security.

It’s not necessary to remove sensitive data before transmitting error data to our Compliant SaaS solution.

Contact us and we’ll be happy to share our BAA with you.

80,000 developers trust Rollbar to safeguard 19,000,000,000 errors in the Cloud.

Our top priority is to ensure privacy and the protection of sensitive data like patient health information. Having a HIPAA-compliant cloud solution like Rollbar's eliminates the concern of having unprotected data on our premises.

Nishant Panchal

CTO, Noteworth
