Trust Center

myOneFlow helps organizations across the country protect their participants' most sensitive data.

Security, Privacy & Compliance

myOneFlow is committed to protecting participant and organizational data through strong security practices, enterprise-grade infrastructure, and industry-recognized certifications. Our platform follows modern security standards to ensure confidentiality, integrity, and availability of data for the workforce development, adult education, apprenticeship, and government organizations we serve.

Data is encrypted both at rest and in transit using industry-standard encryption protocols. myOneFlow operates within secure, certified cloud environments designed to meet stringent public-sector compliance requirements.

Infrastructure Security

  • Hosted in certified enterprise data centers located in Dallas, TX (Primary) and Columbus, OH (Secondary)
  • SOC 1 Type 2 certified infrastructure
  • SOC 2 Type 2 certified infrastructure
  • FISMA compliant hosting environment
  • PCI-DSS v4.0.1 compliant infrastructure
  • HITRUST CSF 11.4.1 r2 aligned environment
  • ISO 27001:2022 certified data center operations
  • Redundant backups and disaster recovery architecture
  • 99.9% uptime service availability commitment

Data Protection

  • AES-256 encryption for data at rest
  • SSL/TLS encryption for data in transit
  • Role-Based Access Control (RBAC)
  • Multi-Factor Authentication (MFA) support
  • Comprehensive audit logging and activity monitoring

Platform Certifications

  • ISO 27001:2022 Certification
  • SOC 2 Type 2 Certified
  • TX-RAMP Level 2 Certified cloud solution
  • COV-RAMP Certified by the Virginia Information Technologies Agency (VITA) for use by Commonwealth of Virginia state agencies

Compliance & Accessibility

  • myOneFlow supports government and public-service organizations through adherence to recognized compliance and accessibility standards:
  • TX-RAMP Level 2 Certification
  • COV-RAMP Authorization
  • VPAT 2.0 Accessibility Conformance Documentation
image 9

ISO 27001:2022

image 9 (1)

HITRUST CSF®

image 9 (2)

VPAT 2A

image 9 (3)

ISO 27001:2022

image 9 (4)

HITRUST CSF®

image 9 (5)

VPAT 2A

image 9 (6)

TX-RAMP Level 2 Certified

image 9 (7)

VITA-Approved Supplier

icon-park-outline_success

About us

We put people first

myOneFlow was developed by Empyra®, a leader in groundbreaking workforce technology solutions with over 30 years of experience in software development and consulting. Today, myOneFlow is one of the largest providers of social services case management solutions, serving state, local, and community agencies in workforce development, adult education, apprenticeship & more. With over a million users and counting, myOneFlow's configurable, codeless platform is transforming how service providers connect with their clients and their communities.

+

States nationwide

+

Organizations served 

Open
Open (1)

k+

Staff users

M+

Individuals Reached

icon-park-outline_success

Connect With Us

Let's Chat.

We look forward to hearing from you!

icon-park-outline_success

Read More

Recent Blogs

How AI Is Transforming Workforce Development Service Delivery
Key Takeaways AI in workforce development helps..

1 min read

Read more
Pay-for-Performance Apprenticeships: 2026 Model Overview & Playbook
Key Takeaways Funding now hinges on outcomes: The..

1 min read

Read more
View Blogs
icon-park-outline_success

FAQ

Frequently Asked Questions

How does myOneFlow protect PII?

myOneFlow protects personally identifiable information (PII) through multiple layers of security controls. Data is encrypted both at rest using AES-256 encryption and in transit using SSL/TLS encryption. Key fields within the system are encrypted and securely stored in the database. Access to participant data is controlled through role-based permissions, audit logging, and secure authentication practices to ensure only authorized users can access sensitive information.

Is client data segregated?

Yes. myOneFlow operates within a secure production environment that is separate from development networks, ensuring strong data isolation. Access to the production network is restricted to authorized system administrators and architects through secure VPN connections, helping maintain logical segregation and protection of client data.

How often are audits conducted?

myOneFlow environments and hosting infrastructure undergo regular independent security audits and compliance assessments as part of certified data center operations. The platform is hosted in facilities certified under standards such as SOC 1 Type 2, SOC 2 Type 2, FISMA, ISO 27001:2022, PCI-DSS, and HITRUST, which require ongoing monitoring, periodic audits, and continuous compliance validation.

Do you support single sign-on (SSO)?

Yes. myOneFlow supports secure authentication practices, including enterprise identity management integrations and secure access controls. Organizations can implement centralized authentication methods such as Single Sign-On (SSO) to simplify user access while maintaining strong security and compliance standards.

Where is data hosted?

All myOneFlow data is hosted within the continental United States.

Primary data center: Dallas, Texas

Secondary data center: Columbus, Ohio

The hosting environments are certified data centers meeting high security and compliance standards, including SOC 1 Type 2, SOC 2 Type 2, FISMA, ISO 27001:2022, PCI-DSS, and HITRUST certifications.

The Future Starts Now

Modernize program management at scale with an AI-driven, human-centered solution that empowers participants and staff. Join organizations nationwide transforming workforce development, work-based learning, adult education, and public service delivery with myOneFlow.

Request a demo
Compare packages