Every two minutes Pyrenth checks each control against the running application and updates the list below. No patient health information appears here. The real evidence files a third party assessor reviews sit behind the assessor sign in.
| Control | Framework | Status | Detail |
|---|---|---|---|
| TIC3-UC1 | TIC-3 | Pass | Backup network provider configured (aws-direct-connect-secondary) |
| TIC3-UC2 | TIC-3 | Pass | Protective DNS resolver configured (cloudflare-1.1.1.1); cloudflare=true quad9=false umbrella=false |
| TIC3-UC3 | TIC-3 | Pass | TLS 1.3 minimum + RSA-3072 (>=3072 TIC 3.0 requirement) |
| TIC3-UC4 | TIC-3 | Pass | TIC 3.0 logging + monitoring active (Sentry DSN configured (https://e36d88aff3690d03ca2cfc891b59d4b0@***)) |
| TIC3-PEP-EMAIL | TIC-3 | Pass | SPF + DKIM + DMARC all configured for outbound email domain (no placeholder values) |
| TIC3-PEP-CLOUD | TIC-3 | Pass | Cloud hosting in FedRAMP-authorized provider (aws-govcloud) |
| TIC3-PEP-WEB | TIC-3 | Not applicable | Pyrenth is a SaaS that serves content rather than browses outbound; PEP-Web is more applicable to client-side workstations |
| TIC3-NCPS | TIC-3 | Not applicable | NCPS integration is a federal-agency obligation; commercial SaaS partners do not register directly |