Security & evidence integrity

Evidence integrity

Originals are never modified. Edits happen on a working copy. Every action is logged and attributable, producing a defensible chain of custody you can show in court.

Encryption and access

Evidence is encrypted in transit and at rest. Each office's data is isolated from every other office, and we apply least-privilege access controls so people see only what they should. Data is hosted in the United States.

Audit and accountability

Every action is recorded in an audit log, attributable to a person and a time. Those logs capture events, not the sensitive content of your evidence. Together with preserved originals, they support a defensible chain of custody.

CJIS and compliance

We align our security controls with the FBI's CJIS Security Policy at the application layer. There is no FBI "CJIS certification" for vendors: criminal-justice agencies are the ones audited, and we support that process, including completing the security documentation and addenda an agency requires.

Compliance documentation is available to evaluating agencies on request.

Accessibility

Sift Evidence is built to meet WCAG 2.2 Level AA. A VPAT / Accessibility Conformance Report is available on request. Learn more →