Security built for justice agencies
The agencies that run on eCourtDate trust it with their most sensitive records. The platform is CJIS compliant, hosted only in AWS GovCloud, and encrypted in transit and at rest.
- 10,000+
- Courts and justice locations
- 24
- States
- 99.95%
- Uptime SLA
- Zero
- Data breaches to date
Why it matters
Modern infrastructure is more secure than the systems it replaces
Legacy, on-premises, and mainframe systems were built before today's threats and are costly to keep patched. eCourtDate runs on a modern cloud built for government, so security, accessibility, and uptime come standard rather than as another project for a short-staffed team.
For leadership
A modern cloud platform with a 99.95% uptime SLA and zero data breaches to date. No on-premises hardware to buy, patch, or replace.
For IT and security
CJIS-compliant, hosted only in AWS GovCloud (US), FIPS-validated encryption, SSO, and audit logs that forward to your SIEM.
For your staff
Sign in with the credentials you already use. Privacy Mode protects juvenile and victim records. Nothing new to install or maintain.
How eCourtDate protects your data
Government-grade controls run on every agency tenant by default. No add-ons, no separate security product to license.
Government-Grade Encryption
Encrypted in transit with TLS 1.2+ and at rest with AES 256-bit, using FIPS 140-2/140-3 validated cryptographic modules. Every request requires a secure connection.
Isolated GovCloud Tenancy
A distributed, serverless architecture hosted exclusively in AWS GovCloud (US). Each agency runs in an isolated tenant with logical data segregation in its optimal region.
Role-Based Access Control
Granular create, read, update, and delete permissions per record type, so staff reach only what their role requires. Multi-factor authentication is required for administrative access.
Complete Audit Trails
Every action is logged in real time with request data, user identity, timestamps, and response codes. Logs are immutable, exportable, and retained for the life of the contract.
Layered Network Defense
Cloudflare Web Application Firewall and DDoS mitigation, Amazon GuardDuty threat detection, and DNSSEC, DKIM, DMARC, and SPF enforced on every domain.
SSO and Identity Federation
Single sign-on via SAML 2.0 and OAuth with Azure AD, Google Workspace, Office 365, Okta, and OneLogin. Staff authenticate with existing credentials. No separate accounts to manage.
Privacy Mode
Built for juvenile, victim, and other sensitive records
For agencies handling protected data, Privacy Mode hides personal information by default, limits who can reveal it, and removes it from reports and dashboards. Recipients verify with multi-factor authentication on time-limited sessions.
- Personal information fields hidden by default, with explicit access grants
- Inactive records auto-archived, then auto-purged after a configurable period
- Reports and public records exports redacted or masked
- Multi-factor authentication required for PII access, with 1-hour session limits
Independently verifiable
Compliance and certifications
Compliance with federal and industry security standards, verifiable at the source.
CJIS CompliantFBI Criminal Justice Information Services
AWS GovCloudIsolated U.S. government regionVerify
FIPS 140-2/140-3Federal cryptographic standardCSA STARCloud Security Alliance registryVerify
CISA CRRCyber Resilience Review
GovRAMP MemberListed on the Progressing Product listVerify
Hosting and data residency
Hosted only in AWS GovCloud (US)
eCourtDate is hosted exclusively on AWS GovCloud (US), an isolated region operated by U.S. citizens on U.S. soil for sensitive government workloads. All data is stored, processed, and transmitted within the United States.
The platform uses a distributed, serverless architecture with automatic failover for a 99.95% uptime SLA. Multi-region disaster recovery is tested quarterly, with a documented 4-hour recovery time objective and 1-hour recovery point objective.
Infrastructure partners, including AWS (compute and storage), Cloudflare (firewall and DDoS), and Azure (SSO integration), are contractually bound to security and privacy requirements consistent with CJIS and FIPS standards. The full subprocessor list is published in the Trust Center.
Last reviewed June 2026. Responsible disclosure: security@ecourtdate.com.
Talk to our security team
Request documentation, walk through a security questionnaire, or see the platform in a demo. Our U.S.-based team is ready.
