Compliance & Security

Built around the data you can't afford to leak.

Crew data is sensitive. Phone numbers, emergency contacts, signed agreements, consent records — none of it should be sitting in a spreadsheet someone forwarded to themselves. CrewDone treats it that way from the data layer up.

Protection

Four pillars, not a checkbox.

These aren't bullets bolted on for a security review. They're how CrewDone is built.

Field-level encryption at rest

Phone numbers and emergency contacts are encrypted with AES-256-GCM in the database itself — not just "encrypted disk" at the infrastructure layer. A snapshot of the database doesn't expose them.

Blind-index lookup for inbound SMS

Inbound texts route to the right person without ever decrypting their phone number for the lookup. The plaintext is never read on the hot path.
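A generic sketch of the blind-index technique named above, added here as an example and not CrewDone's code. It assumes HMAC-SHA256 over a normalized number with a dedicated index key and a North American default country code; the names `normalize_phone`, `blind_index` and `CrewDirectory` are hypothetical, and the key and sample values are constructed.

```python
import hashlib
import hmac
import re

# Constructed demo key. Assumption: the real index key is a secret held apart
# from the database and distinct from the field-encryption key.
INDEX_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def normalize_phone(raw: str, default_country: str = "1") -> str:
    """Reduce a phone number to E.164-style form so every spelling of the
    same number yields the same index value."""
    digits = re.sub(r"\D", "", raw)
    if len(digits) == 10:  # national format: assume the default country code
        digits = default_country + digits
    if not 11 <= len(digits) <= 15:
        raise ValueError("not a plausible phone number")
    return "+" + digits


def blind_index(raw_phone: str, key: bytes = INDEX_KEY) -> str:
    """Keyed, deterministic digest of the normalized number. Without the key
    it cannot be recomputed by enumerating phone numbers."""
    msg = normalize_phone(raw_phone).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class CrewDirectory:
    """Hypothetical in-memory stand-in for a table holding, per contact, an
    opaque ciphertext and the blind index used for equality lookup."""

    def __init__(self):
        self._by_index = {}

    def add(self, crew_id: str, phone: str, ciphertext: bytes) -> None:
        self._by_index[blind_index(phone)] = (crew_id, ciphertext)

    def route_inbound(self, sender: str):
        """Return the crew id for an inbound SMS sender, or None.
        The stored ciphertext is never decrypted on this path."""
        try:
            row = self._by_index.get(blind_index(sender))
        except ValueError:  # malformed sender: treat as unknown
            return None
        return row[0] if row else None
```

Because the index is deterministic, equal numbers always produce equal index values, so the index key needs the same protection as the encryption key.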

TCPA-compliant SMS outreach

Consent is captured with a TCPA disclosure step, stored with a full audit trail. SMS only goes to crew who have actively opted in — and only via the channels they consented to.

Multi-tenant isolation in the query layer

Every query is scoped to an organization at the database layer, not just hidden in the UI. Cross-tenant data leakage isn't an oversight risk — the data structurally can't be returned.

Eligibility

Compliance drives who can actually be booked.

Eligibility isn't a flag a coordinator toggles. It's derived, in real time, from the compliance evidence on file. That means an expired certification automatically blocks new bookings — no human needs to remember.

  1. Org defines compliance packages

    A package is a set of required items — certifications, training, signed acknowledgements — for a kind of work or location.

  2. Crew submits evidence

    Crew uploads or attests to each item directly in their portal. PMs and admins review and approve.

  3. Eligibility is derived, not declared

    A crew member is eligible when every required item across applicable packages is approved and unexpired. Status is computed, not toggled.

  4. Ineligible offers are blocked

    If a crew member isn't eligible, CrewDone blocks the booking offer at the source — before it goes out, not after the call sheet drops.

SMS & consent

Every text message has a paper trail.

CrewDone's SMS outreach runs through a TCPA-compliant consent flow. Crew opt in explicitly, the disclosure is captured with timestamp and content, and opt-outs are honored immediately and tracked. Delivery state — including terminal failures — is captured from the carrier and reflected in the system of record.

  • Explicit TCPA disclosure on opt-in
  • Consent recorded with timestamp and content shown
  • Opt-out honored immediately, tracked permanently
  • Carrier delivery state captured for every message

Audit trail

If it changed, you can see who changed it.

CrewDone records the events that matter — not just login activity, but the moves that actually affect crew, contracts, pay, and consent.

  • Status transitions on every booking day
  • Consent given or revoked, with timestamp and channel
  • Cancellations, with stage and acknowledgement
  • Compliance approvals and expirations
  • Execution Change Requests, proposals, and resolutions

Have a security review coming up?

We're happy to walk your team through how CrewDone handles encryption, consent, and tenant isolation — and answer the questions your legal and IT folks will ask.