IMP was designed from day one for industries that handle sensitive data — healthcare, legal, education, and government. Security isn't an add-on. It's the foundation.
Every one of IMP's 22+ database tables has Postgres Row Level Security policies active. This means data isolation is enforced at the database engine level — not in application code. Even if there were a bug in the frontend, a user could never query another agency's data. The database simply won't return it. This is the same architecture used by enterprise multi-tenant platforms, and it's active on every IMP instance from day one.
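As an added illustration of the isolation model described above (a constructed example, not IMP's own schema or policies): a per-agency Row Level Security policy on Supabase Postgres, followed by a check that impersonates an authenticated user the way the API layer does. It assumes a `profiles` table mapping each auth user to an `agency_id`, a `jobs` table carrying the same column, and Supabase's `auth.uid()` helper.

```sql
-- Constructed schema: each auth user belongs to one agency; jobs are agency-scoped.
create table profiles (id uuid primary key, agency_id uuid not null);
create table jobs (
  id uuid primary key default gen_random_uuid(),
  agency_id uuid not null,
  title text not null
);

-- Seed data (constructed) inserted as the table owner, before RLS applies.
insert into profiles values
  ('11111111-0000-0000-0000-000000000000', 'aaaaaaaa-0000-0000-0000-000000000000'),
  ('22222222-0000-0000-0000-000000000000', 'bbbbbbbb-0000-0000-0000-000000000000');
insert into jobs (agency_id, title) values
  ('aaaaaaaa-0000-0000-0000-000000000000', 'Court hearing'),
  ('bbbbbbbb-0000-0000-0000-000000000000', 'IEP meeting');

-- The caller's agency, derived from the verified JWT via Supabase's auth.uid().
-- security definer lets it read profiles even once profiles is itself locked down.
create function current_agency_id() returns uuid
language sql stable security definer set search_path = public as $$
  select agency_id from profiles where id = auth.uid()
$$;

alter table jobs enable row level security;
alter table jobs force row level security;  -- no bypass for the table owner either

-- One policy for select/insert/update/delete: a row is visible or writable only
-- when it belongs to the caller's agency. An unknown caller yields NULL, which
-- never satisfies the predicate, so the default is "no rows", not "all rows".
create policy jobs_agency_isolation on jobs
  for all to authenticated
  using (agency_id = current_agency_id())
  with check (agency_id = current_agency_id());

-- Check: impersonate the authenticated role with a constructed JWT claim, the
-- way the Supabase API layer does. Expect 1 row ('Court hearing'); change sub
-- to the agency-B user and the same query returns only 'IEP meeting'.
begin;
  set local role authenticated;
  select set_config('request.jwt.claims',
    '{"sub":"11111111-0000-0000-0000-000000000000","role":"authenticated"}', true);
  select title from jobs;
rollback;
```

The point of the final block is that the filtering happens with no application code in the path: the same `select title from jobs` returns different rows depending only on who the database believes is asking.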
Three distinct user roles — Admin, Interpreter, and Client — each with their own portal and data access boundaries. Admins manage everything. Interpreters see only their jobs, schedule, and pay. Clients see only their invoices and job history. There is no role-switching or shared interface. Each portal is purpose-built to show only the data and actions relevant to that role.
Every API request to IMP's edge functions is authenticated via JSON Web Token verification. Tokens are validated for expiration, signature integrity, and user identity before any data is accessed. Expired, tampered, or missing tokens are rejected immediately — no data is returned, no action is taken.
All user-submitted content — custom field values, notes, addresses, names — is passed through a sanitization function before rendering in the UI. This prevents cross-site scripting attacks from any input field across the platform. The sanitization is applied universally, not selectively.
API keys for email providers, QuickBooks OAuth tokens, Stripe API keys, and SMTP passwords are masked in the UI after initial entry. They're stored securely and never displayed in full again — preventing accidental exposure in screen shares, screenshots, or over-the-shoulder viewing.
Stripe webhook events are verified using cryptographic signature validation before being processed. This prevents spoofed payment notifications from altering invoice status or recording fraudulent payments. Invalid signatures are rejected and logged for review.
IMP tracks 10 key actions across the platform: account saved, job broadcasted, interpreter confirmed, job completed, job cancelled, no-show marked, invoice generated, invoice voided, payment recorded, and billing edited. Every entry records the actor, action, entity, details, and timestamp. Logging is fire-and-forget — it never blocks normal operations even if the log write fails.
Compliance training modules for HIPAA (healthcare) and FERPA (education) are embedded directly in the interpreter portal. Interpreters complete training inside the platform — no external links, no separate LMS, no tracking spreadsheets. Modules include a fullscreen toggle for focused learning.
IMP runs on Supabase (managed Postgres with built-in auth and RLS) with the frontend deployed on Vercel's edge network. All data is encrypted in transit via TLS. Database backups are automatic. The architecture is designed for reliability, performance, and security at every layer.
Review our terms and privacy policy. Both are accessible from the platform login page and available to all users at any time.
We're happy to walk through our security architecture in detail during a demo or answer specific questions.