Protected at every layer
Security isn't a setting you turn on — it's how ArrivSure is built.
Encrypted at rest & in transit
All data is encrypted with AES-256 at rest and TLS 1.3 in transit — from the kiosk in your lobby to the dashboard on your desk.
Granular role-based access
Company, facility, and receptionist roles with per-user permission overrides. Healthcare/PHI access is gated off by default and granted only where needed.
No selling, no tracking
We never sell personal information. Our apps ship with zero third-party advertising or cross-app tracking SDKs.
Biometric app security
The staff Companion app supports Face ID / Touch ID app lock, with tokens stored in the device Keychain and re-auth after inactivity.
Physical tenant isolation
Data-feed directories are chrooted per company, and identity always comes from the SFTP account — never from what a file claims — so one tenant can never reach another's data.
Access that self-expires
Staff accounts provisioned from a roster feed are deactivated automatically the moment the employee leaves it, so access never outlives employment.
An immutable record of everything
ArrivSure captures a complete, append-only audit log across your whole organization — the evidence you need for a HIPAA audit, SOC 2 review, or state survey, in one exportable place.
Staff messaging that survives an audit
Replace personal texts and group chats with internal messaging that's encrypted at rest and cryptographically verifiable — so sensitive coordination stays inside a system you control.
Legal holds & e-discovery, built in
When litigation or a subpoena hits, you're ready. ArrivSure includes enterprise legal-preservation tooling most visitor-management platforms simply don't have.
Least-privilege by default
Role tiers & overrides
Global, company, and facility admins plus receptionists — with per-user permission overrides and reusable templates.
PHI access gating
Healthcare data is walled off behind a dedicated permission that's disabled until explicitly granted.
Audited support access
Support impersonation / view-as is fully logged, so every action taken on your behalf is accountable.