TyriaCore Security Measures Addendum
Last Updated: February 20, 2026
This Security Measures Addendum ("Security Addendum") summarizes Provider's security controls and Customer responsibilities.
This Security Addendum is incorporated by reference into the Agreement between Provider and Customer to the extent referenced in an Order Form or otherwise incorporated into the Agreement.
Order of precedence. If there is a conflict between this Security Addendum and the Agreement (or an Order Form, SOW, DPA, or BAA), the order of precedence in the Agreement controls. If there is a conflict with the BAA regarding PHI, the BAA controls.
No guarantee / no expanded liability. This Security Addendum does not guarantee that Customer Data will be secure against all threats. Provider's disclaimers, limitations of liability, and remedies limitations in the Agreement apply.
1. Scope of Security Commitments (Production Scope)
Provider's formal security and compliance controls apply to TyriaCore production systems ("Production") that deliver the Subscription Services.
Non-production environments (including sandbox, demo, pre-production, and development/test) may be excluded from formal compliance scopes and are intended for development and validation.
2. PHI in Non-Production Prohibited
Unless expressly authorized in writing by Provider and safeguarded appropriately:
- PHI is not permitted in non-production environments.
Provider maintains controls intended to prevent production PHI or production Customer Data from being used in non-production environments absent such authorization.
3. Security Program (SOC 2-Aligned Controls)
Provider maintains an information security program designed to align with recognized industry frameworks, including SOC 2-aligned controls.
If Provider has a SOC 2 report available for distribution, Provider will make it available to Customer under NDA upon request.