Data Protection & Encryption

• Encryption in transit: All data transmitted between users and our servers is encrypted using TLS (Transport Layer Security).
• Encryption at rest: Sensitive information is stored using AES-256 encryption, the industry standard for data protection.
• Secure backups: Regularly scheduled backups ensure your data is safe and recoverable in the event of unexpected incidents.

Access Control & Authentication

• Role-based access: Users are granted access based on their role, ensuring they only see information relevant to their responsibilities.
• Multi-factor authentication: Additional security layers protect user accounts from unauthorized access.
• Audit logs: All user activity is logged to maintain accountability and traceability.

Compliance & Privacy

• Compliance: Our platform is designed to handle protected health information (PHI) and personally identifiable information (PII) safely and securely as per HIPPA and SOC2 standards.
• Data retention policies: We retain data only as long as necessary and in accordance with applicable laws and best practices.
• Regular audits: Security protocols and systems are continuously evaluated to identify and mitigate risks.

Physical & Operational Security

• Secure data centers: Servers are located in SSAE 18 SOC 2 Type II-compliant facilities with 24/7 monitoring.
• Operational safeguards: Employee access to sensitive systems is strictly controlled and regularly reviewed.
• Incident response: We maintain a documented process to respond swiftly to potential security events.

Continuous Improvement

Questions or Concerns?