Loading analytics...
← Back to Reports
Reports
Loading reports...
Loading inspector data...
Loading carrier data...
Carrier Tokens
Issue read-only portal access to carrier teams
Active carrier tokensLoading...
Loading...
Carrier Tokens
Issue read-only portal access to carrier teams
Active carrier tokensLoading...
Loading...
HOLD Routing & SLA
Loading...
Team Access
Loading...
Weather Intelligence
—
Hail records
—
FEMA declarations
—
HAAG thresholds
Weather verification
NOAA SPC + FEMA + HAAG
Street address
Date of loss
HAAG damage threshold
by material + hail size
Hail size (inches)
Material type
Xactimate price validation
RS Means regional benchmarks
Line code
Submitted price ($)
State
Common codes: RFG 220 (3-tab) · RFG 240 (arch) · RFG 260 (Class 4) · RFG PIPE · RFG HVAC · RFG VALLEY · GTR 5IN · RFG RIDGE · TRP STD
Data sources
Loading...
| Source | Records | Coverage | Status |
|---|---|---|---|
| Loading... | |||
Compliance Log
Loading...
Data Security
In-Transit Encryption
✓
TLS 1.2+ on all external connections
All traffic between inspector devices and IQ Audit is encrypted via HTTPS. No data traverses the public internet unencrypted.
✓
Response payload signing (HMAC-SHA256)
Every result returned to the inspector portal carries a cryptographic signature verifying the payload was not altered in transit.
✓
Security hardening headers on all responses
HSTS, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy enforced on every response.
Data At Rest
✓
PII vault - AES-256 encrypted at rest
All PII is encrypted before storage. Raw personally identifiable information is never written to disk unencrypted.
✓
Passkey-gated PII reveal with audit trail
PII access requires passkey authentication. All reveal events are logged with timestamp and IP. Reveals auto-revert after 5 minutes. Rate-limited to 3 attempts per 60 seconds.
✓
PDF files purged after processing
Source PDF files are deleted immediately after extraction completes. No raw claim documents are retained on disk.
Access Control
✓
Role-separated portals with token authentication
Client portal, inspector portal, and admin endpoints use separate tokens. Inspector devices receive only QA disposition - no raw field data, policy holder, adjuster, or address is transmitted to the field.
✓
Admin and sensitive endpoints - localhost only
All /run, /vault, /reveal, /admin, and /access_log endpoints are restricted to localhost and cannot be reached externally.
✓
API key authentication for direct integrations
Direct API access requires a hashed API key via X-API-Key header. Keys are stored as hashes - plaintext is never retained after issuance.
🔒
All inference runs on a dedicated private cluster. Claim documents and extracted data are never transmitted to third-party AI providers, cloud inference endpoints, or external model APIs. Your data does not leave the IQ Audit processing environment.
Carrier Rules
Manage carrier-specific QA rules. Changes take effect on the next report run.
Loading rules...
Add Carrier Rule