Security

Overview

LocumPoint takes security seriously. While this page provides a high-level overview, security controls and configurations for client implementations may vary based on requirements, data sensitivity, and hosting environment.

Core practices

• Least privilege: access is limited to what’s needed for a role or task.
• Encryption: we prefer encryption in transit (TLS) and at rest where applicable.
• Auditability: change tracking and event logs are used to support traceability.
• Secure development: dependency hygiene, code review, and environment separation.
• Monitoring: health checks and alerting can be configured for production systems.

Client data

For client projects, we work with your team to define data handling requirements, retention, and access controls. If you have compliance or security questionnaires, we’re happy to review them.

Responsible disclosure

If you believe you’ve found a security issue on this Site, please report it responsibly. Do not attempt to exploit vulnerabilities or access data not intended for you.

• Email: security@locumpoint.net (replace with your real inbox)
• Include: URL, steps to reproduce, impact, and any relevant screenshots/logs

Changes

We may update this page periodically to reflect improvements or process changes.