Software Status
(970) 425-6393 hello@advocateadvantage.com VSTracking Login →
Advocate Advantage

Security & Compliance

Your data is protected by the same infrastructure trusted by the U.S. Department of Defense.

VSTracking was built by victim advocates who understand the sensitivity of the information you handle every day. We take the security of your data as seriously as you take the safety of the people you serve.

Infrastructure & Encryption

Government-Grade Cloud Infrastructure

All VSTracking client data is hosted exclusively on Amazon Web Services GovCloud (US), an isolated cloud region designed to host sensitive government data and regulated workloads. AWS GovCloud meets the strictest U.S. government security and compliance requirements, including FedRAMP High baseline authorization. No client data is ever stored or processed outside of the GovCloud environment.

All data is encrypted in transit and at rest using FIPS 140-2 and FIPS 140-3 validated cryptographic modules — the same encryption standard required by the FBI’s Criminal Justice Information Services (CJIS) Security Policy and used by federal law enforcement agencies nationwide.

cybersecurity-is-defined-as-concept-data-protection-safe-internet-access

Security Pillars

Encryption

FIPS 140-2/140-3 Encryption

All data is encrypted at rest and in transit using federally validated cryptographic standards. Your client information is protected whether it’s being stored in our database or traveling between your browser and our servers.

Access Controls

Role-Based Access Controls

VSTracking includes six built-in access roles — from full administrative control to read-only and reports-only — so your agency can assign each user the appropriate level of access. Advocate-limited roles ensure that staff members see only the cases they are assigned to. Every access event is logged in a comprehensive audit trail, and multi-factor authentication is available for administrative access.

Personnel Security

Background-Checked Personnel

Every Advocate Advantage employee with access to client data undergoes a national fingerprint-based background check and completes annual CJIS Security Awareness Training and certification through CJISOnline.com — the same training required of law enforcement personnel.

Data Isolation

100% U.S.-Based Data Residency

Your data never leaves U.S. soil. All VSTracking client data is stored and processed exclusively within AWS GovCloud’s U.S. regions, operated by screened U.S. persons. We are a 100% USA-based company with no offshore operations or data processing.

CJIS Security Policy Alignment

Aligned with the FBI CJIS Security Policy

Many of our clients are law enforcement-based victim advocates and criminal justice agencies that must comply with the FBI’s Criminal Justice Information Services (CJIS) Security Policy. VSTracking’s security practices are aligned with the CJIS Security Policy’s requirements, including:

We are available to sign the CJIS Security Addendum with any law enforcement agency that requires it as part of their vendor compliance process.

Third-Party Data Isolation

Your Data Stays in Our System. Period.

VSTracking does not route your data through third-party automation platforms, consumer integration services, or external analytics tools. All client data remains within our AWS GovCloud environment at all times.

Some case management platforms advertise integrations with third-party automation tools that route data through commercial servers lacking government-grade security controls. When victim data flows through services that have not signed a CJIS Security Addendum, do not maintain FIPS-validated encryption, and are not operated by background-checked personnel, the convenience of automation comes at the cost of the confidentiality protections your agency is required to maintain.

VAWA, VOCA, and FVPSA all require grantees to make reasonable efforts to prevent the inadvertent disclosure of victim personally identifying information — especially when using any third-party database or system managed by an outside company. VSTracking is designed to keep your data within a single, secure, government-grade environment so you never have to question whether a third-party service is putting your compliance at risk. This includes Al and analytics features that process your data through external machine learning providers.

Vertical photo about the concept of cybersecurity, protection of the user's private data, files and documents. Security screen on the Internet. SSUCv3H4sIAAAAAAAACpySwW7CMAyG75P2DlXOVGpJKYVXQTu4SaAWIUFJyjQh3n1O0qLsulv92f7tP+7z86Oq2AgeBTtWzxhRjFrPPjgIaA3hZrNwp4xUriQPx/umBIBlpCQG6xB0CUcIYjJwUwTNrHXEr5RkPkCYvfJxlwUJCOpCGhm+JfLCpxxXayIlqYNSjG0K5ucxsRVl8X915o+vt+GLMuInLVwYcUoryEZOuZRdv4Nyt9IazBJt4ephBehYwAslwDs4+NN3dyjQXApiw5TusioJO5vg4lZvM0xbe4dRx1c/0xi18gm8p3K58mK2oL/A3oo5xobkaVFlko4Tw5bzPe/anvddy4d2v+NLQT7ohKST1lmFKBZXlKUrjBuwLUgxysOuHttuqLtGbOvDANt66M/NTjRn3rcHusXrFwAA//8DAPcnp2a5AgAA

For Grant Administrators

Confidence for Grant Administrators & Funders

If you’re evaluating VSTracking as part of a VOCA or VAWA-funded program, here’s what you need to know: 

Questions About Our Security Practices?

We’re happy to discuss our security practices in detail, provide documentation for your compliance files, or sign a CJIS Security Addendum for your agency. Contact us or schedule a call to learn more.

Contact Sales

Let's talk

Ready to give your team back its hours? We'd love to show you how.

Schedule a free 20-minute walkthrough with someone who's actually used the software in the field. No sales-engineering tag-team, no slide deck — just your questions and a real screen.

Schedule a Call Start Free Trial

Or reach us directly

Phone (970) 425-6393
Email hello@advocateadvantage.com
Hours Mon–Fri · 8a–6p Mountain
Office 1423 E. Main Street, Cortez CO 81321