Updated December 4, 2023

ITI Products Service Levels

Customer Service

Customer Support Channels	Phone and Email
Days	Monday - Friday Excluding Holidays
Hours	Email and Phone 7:00 a.m. - 8:00 p.m. (Eastern)
Holidays	Legal Holidays: New Year’s Day, Memorial Day, Independence Day, Labor Day, Veteran’s Day, Thanksgiving Day, Day after Thanksgiving, Christmas Eve, Christmas Day.
Holidays Hours	May 27, 2024 - Memorial Day: Closed All Day July 4, 2024 - Independence Day: Closed All Day September 2, 2024 - Labor Day: Closed All Day November 11, 2024 - Veteran's Day: Closed All Day (Customer Success Only) November 25-27, 2024 - Holiday hours: 8 a.m. - 6 p.m., (Eastern) November 28-29, 2024 - Thanksgiving Holiday: Closed All Day December 16-22, 2024 - Winter Holiday Hours: 8 a.m. - 6 p.m., (Eastern) December 24-25, 2024 - Christmas Holiday Observed: Closed All Day December 26-31, 2024 - Winter Holiday Hours: 8 a.m. - 6 p.m., (Eastern) January 1, 2025 - New Year's Day: Closed All Day
Exceptions	Circumstances beyond Infotech’s reasonable control, including, without limitation, acts of any governmental body, war, insurrection, sabotage, embargo, fire, flood, storm, strike or other labor disturbance, interruption of or delay in transportation, unavailability of or interruption or delay in telecommunications or third-party services, failure of third party software or inability to obtain raw materials, supplies, or power used in or equipment needed for provision of the Service Level Agreement.

Service Reliability

Uptime Commitment	99.99%
Calculating Uptime	AWS Route53 Health Checks polls all of our sites every minute. Every night after midnight we count all of the minutes we were up and divide by 1440 to get our percentage of uptime for the day. Our total uptime is a rolling 365-day average.
Disaster Recovery Plan	Infotech maintains a disaster recovery plan that will be executed in the event catastrophic damages result from circumstances outside of Infotech’s control. Infotech updates its disaster recovery plan on an annual basis.
Planned Outages	Planned outages will be done outside of the peak service hours of 7:00 a.m. - 8:00 p.m. ET. We will notify our users seven days prior to planned outages lasting one hour or more. Planned outages lasting less than one hour will receive 24 hours notice.
Recovery Time Objective	In the event of a data center failure, the recovery time is up to one hour.
Recovery Point Objective	The real-time replication across multiple data centers and separate geographical regions allow for no data loss in the event of a catastrophic incident.
Unscheduled Interruption	Unscheduled interruptions will be reported within 30 days of Infotech’s receipt of a request for explanation.
Exceptions	Circumstances beyond Infotech’s reasonable control, including, without limitation, acts of any governmental body, war, insurrection, sabotage, embargo, fire, flood, storm, strike or other labor disturbance, interruption of or delay in transportation, unavailability of or interruption or delay in telecommunications or third-party services, failure of third party software or inability to obtain raw materials, supplies, or power used in or equipment needed for provision of the Service Level Agreement.

Issue Resolution

Response time

We respond to all customer email inquiries within one hour during our normal business hours.

Defect Classifications

Issues are classified in the Critical, High, Medium, and Low categories.

Resolution of Critical Defects

We aim to resolve critical issues within 24 hours.

Critical issues are production issues that severely impact customer use of the service.

The situation halts customer business operations and no procedural workaround exists.
Service is down or unavailable.
Data is corrupted or lost and must be restored from backup.
A critical documented feature/function is not available.

Critical issues may require customer to have dedicated resources available to work on the issue on an ongoing basis with Infotech. If customer does not provide such dedicated resource, then Infotech shall not be liable for related delays.

Upgrades and Updates

Release Process	Upgrades and updates that may impact the normal use of the service will occur after Infotech business hours, usually between 9:00 p.m. - 7:00 a.m. ET. The release of upgrades and updates is not considered a downtime factor. Updates released during Infotech business hours will not interrupt use or access to the service.
Release Notes	Release notes are posted within one (1) business day of a release. Release notes include upgrades and updates that affect the user workflow.

Security

Multi-tenant Data	All uploaded tenant data is flagged with the appropriate owner/tenant and only tenant-identified users with appropriate access are able to modify and view the data. Any requirement to gather data for a specific agency would be segregated per the appropriate tenant flag identifier. Data is classified and access is controlled via each application. Tenants are able to specify various user levels to control access. Infotech has administrator and support account classifications in order to restrict tool and data access to all tenant data. All of our services communicate via HTTPS, a secure, encrypted method of data transfer.
User Access	User access to the applications will be tightly restricted and available over the Internet only, using Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption.
Certifications	SOC 2 Type 2 and PCI Compliant
Security Standards	NIST Moderate Impact Controls
Encryption	All data in our services uses AES 256 encryption. All data stored at rest in the underlying storage, or in transit between the application servers and databases and between the end users and applications, is encrypted. Automated backups and snapshots are also encrypted at rest.
Compliance Programs	Tenant environment is hosted through AWS which is compliant with several federal standards. AWS Compliance Programs
Penetration Testing	We undergo an annual third party assessment of our security architecture and a gap analysis to see how we match up against industry standards.
Notification of Breach	We take reasonable, industry-standard measures to protect and secure electronic data containing personally identifiable information and sensitive information. We encrypt your information when it is stored and transmitted. Should we experience a breach in security, we will investigate and take all required and appropriate actions based on the results of our investigation, consultation with local and state government officials, and pursuant to Florida and federal law.
Password Requirements	Our password requirements meet industry standards as defined and verified through a third-party vendor conducting annual security and penetration testing.
Data Storage Location	We store all customer data exclusively within the Continental United States ("CONUS").