JIL Sovereign publishes our framework status, encryption posture, and subprocessor list openly so procurement and security teams can complete evaluation before signing an NDA. Auditor-evidence-grade artifacts (signed inventories, vulnerability assessments, IR exercises, third-party reports) are released under NDA on request.
JIL operates under four primary control frameworks. Status as of 2026-04-26; refreshed monthly.
HIPAA: Technical, administrative, and physical safeguards mapped 100% to 45 CFR 164.308 / 164.310 / 164.312. BAA available with all healthcare engagements.
SOC 2: All five Trust Services Criteria (CC1-CC9 + Availability + Confidentiality) mapped. Engagement with an AICPA-licensed firm in flight; compressed first-year observation period.
HITRUST CSF v11 i1: Control set 98% mapped. Two i1-only gaps in plan (full MDM, Trivy CI scanning). Equivalent-control evidence accepted for a single-personnel organization.
NIST CSF 2.0: All six functions (GOVERN, IDENTIFY, PROTECT, DETECT, RESPOND, RECOVER) mapped to live controls. Tier 3 - Repeatable; ascending toward Tier 4 - Adaptive.
| Layer | Algorithm | FIPS | Notes |
|---|---|---|---|
| Validator signing (CREB™) | Ed25519 + Dilithium-III hybrid | FIPS 204 (post-quantum) | Every Court-Ready Evidence Bundle is dual-signed; signatures remain forgery-resistant even against large-scale quantum computers. |
| MPC threshold signing | secp256k1 ECDSA + Ed25519 (per chain) | FIPS 186-5 | 2-of-3 user-controlled key shares; JIL never holds a complete key. |
| At-rest encryption | AES-256-GCM (per-record IV) | FIPS 197 | All databases and object stores encrypted; per-record IVs prevent ciphertext re-identification. |
| In-transit | TLS 1.3 only | FIPS 140-3 ciphersuites | TLS 1.0/1.1/1.2 disabled at edge; HSTS preload on the primary zone. |
| Key derivation | BIP-44 hierarchical deterministic | Bitcoin standard | Single master key derives chain-specific subkeys for 13 chains. |
MFA + WebAuthn passwordless on all admin paths. SSH key-only on infrastructure (no password auth). YubiKey hardware tokens for treasury operations. Quarterly access review.
Cloudflare WAF + DDoS at edge, TLS 1.3 only. Cloudflared tunnels (no public ingress to origin). Internal services bind 127.0.0.1 only. Read-only Docker rootfs + no-new-privileges on production services.
14-of-20 BFT consensus across 13+ jurisdictions. Adaptive quorum (70% target). SentinelAI Fleet Inspector with anomaly heartbeats. Per-validator unique SSH keys, rotated quarterly.
Append-only audit_log table with cryptographic seal. Pino structured logs across all 250 services. Time-synchronized (NTP). Administrator + operator actions logged separately from user actions.
Nightly Postgres dumps + WAL streaming to encrypted off-site object storage. Quarterly DR drill. RPO < 24h. RTO < 4h for read paths, < 12h for full settlement.
npm audit + Dependabot continuous. Trivy image scanning landing Q3 2026 with CVSS ≥ 7 build-block. Self-conducted vulnerability assessment refreshed quarterly. First formal third-party pentest Q3 2026.
Every third party that handles JIL data, with current contractual status. Reviewed quarterly. Last refreshed 2026-04-25.
| Subprocessor | Service | Region | Cert / posture | Status |
|---|---|---|---|---|
| Hetzner Online GmbH | Cloud compute, object storage | DE (Nuremberg, Helsinki, Falkenstein) | ISO 27001 | Active |
| Cloudflare, Inc. | Edge TLS, CDN, DNS, WAF, tunnels | Global | SOC 2 Type II + ISO 27001 + HIPAA-eligible | Active |
| GitHub (Microsoft) | Source code repository | US / EU | SOC 2 Type II + ISO 27001 | Active |
| Google Workspace (Alphabet) | Email, docs, video | US | SOC 2 Type II + HIPAA BAA available | Active |
| Stripe, Inc. | Payments + subscription billing | US | PCI DSS Level 1 + SOC 2 Type II | Active |
| Slack (Salesforce) | Internal team communications | US | SOC 2 Type II | Active |
| Smarty (SmartyStreets) | US + international address verification | US | Standard ToS + DPA | Active |
| Amazon Web Services, Inc. | US-region cloud compute, RDS, S3, ALB, ACM (PHI-eligible workloads) | US East (us-east-1) | SOC 2 Type II + ISO 27001 + HIPAA-eligible (BAA) | Active · deployed 2026-04-25 |
| OFAC, UN, HMT, OFSI, HHS-OIG, CMS, GLEIF, OpenSanctions, FATF, GSA / SAM.gov | One-way sanctions / regulatory data feeds (no JIL data sent) | Government / international | Public ToS | Active |
| Drata or Vanta (selection pending) | Compliance evidence automation | US | SOC 2 Type II (both) | Pending Q2 2026 |
| External pentest firm (NCC / Bishop Fox / Trail of Bits, TBD) | Annual third-party penetration test | US | CREST / OSCP qualified | Pending Q3 2026 |
A full subprocessor inventory including pending healthcare-specific verification APIs (NPDB, FSMB, CAQH, DEA Diversion, SSA DMF) and signed BAAs for PHI workloads is available under NDA on request.
Aggressive compressed timeline. All in-flight items target Q3 2026 completion.
16-policy compliance package signed (information security, access control, incident response, encryption, vendor management, etc.). First quarterly vulnerability assessment + IR tabletop completed. Personnel security awareness training cycle attested. AWS us-east-1 deployment LIVE since 2026-04-25 (us.jilsovereign.com, 7 PHI-eligible services, A+ TLS, nightly Hetzner→AWS replication).
First formal third-party pentest (NCC / Bishop Fox / Trail of Bits or equivalent). SOC 2 Type II report issued (compressed first-year observation period). HITRUST CSF v11 i1 (Implemented level) certification. Trivy CI image scanning live. Full MDM rollout. Drata or Vanta continuous-control monitoring. Background-check vendor active. First signed BAA + first PHI customer workload on AWS us-east-1. Healthcare-specific verification API integrations live (NPDB, FSMB DocInfo, CAQH ProView, SSA DMF, DEA Diversion).
ISO 27001 + ISO 27017 (cloud-controls extension), NYDFS Part 500, HITRUST r2 Validated upon UHG-class customer demand. Continuous control monitoring + automated evidence collection.
EU + US, both live. EU primary: Hetzner (Nuremberg, Helsinki, Falkenstein) for compute and object storage. US: AWS us-east-1 LIVE since 2026-04-25 (us.jilsovereign.com, BAA-eligible, 7 PHI services, nightly Hetzner→AWS replication). Edge via Cloudflare (global).
Documented IR Plan with detection < 5 min target, containment < 60 min for Sev 1, post-incident report within 14 days. Quarterly IR tabletop exercises. HIPAA breach notification path documented.
Standard DPA (GDPR Art. 28-compliant) on every customer engagement. BAA available for HIPAA-regulated workloads. Standard Contractual Clauses for cross-border transfers. Schrems II analysis on US-region routing.
All personnel: NDA, IP assignment, annual security + HIPAA awareness training. Production-access roles: background screening (in plan; vendor selection by first hire). Termination workflow within one business day.
10 active SCN validators across 13 jurisdictions; quorum continues at 14-of-20 BFT through any 6-validator outage. Multi-region active-active for read paths. Documented BCP refreshed annually.
Quarterly subprocessor review. Pre-onboarding security questionnaire + DPA + cert verification. Public subprocessor list (above) updated within 7 days of any change.
Procurement, security, and compliance teams can request the full set of NDA-gated artifacts: signed inventories, vulnerability assessment, IR tabletop reports, framework mapping spreadsheets (HIPAA, SOC 2, HITRUST, NIST CSF), encryption-policy detail, and Internal Compliance dashboard access. Two-business-day turnaround after MNDA execution.
For coordinated vulnerability disclosure or security questions: security@jilsovereign.com · PGP key on request. We acknowledge within one business day and target a 90-day fix window for severity-rated findings (SLAs detailed in the Vulnerability Management Policy, available under NDA).
JIL Sovereign Technologies, Inc. (Delaware C-corp) · Last refreshed 2026-04-26 · Refreshed monthly