We take the security of your data and our systems very seriously. Here are the comprehensive security measures we have implemented to protect your information:
1. Hosting by Amazon Web Services (AWS): Our servers are hosted on AWS, a trusted and secure cloud platform with advanced infrastructure and security features.
2. HTTPS/SSL/TLS: Our website uses HTTPS with SSL/TLS encryption to ensure that all data transmitted between your browser and our servers is secure and protected from eavesdropping and tampering.
3. Database Encryption: All sensitive data in our databases is encrypted, providing an additional layer of security to safeguard your information in the event of unauthorized access.
4. Audit Logs: We maintain detailed audit logs that track and monitor all activities on our servers, allowing us to quickly identify and respond to any unauthorized access attempts or anomalous behavior.
5. Two-Factor Authentication (2FA): We have implemented two-factor authentication, requiring an additional verification step beyond your password to access your account. This added layer of security helps prevent unauthorized access.
6. EC2 Deployment and PEM Access Control: Our use of Amazon EC2 for server deployment and PEM access control ensures that our servers are securely deployed and access is tightly controlled, further enhancing our security measures.
7. Detection: We have a robust breach detection and response plan in place, including intrusion detection systems, security information and event management tools, and a comprehensive incident response plan. We regularly conduct security audits and penetration testing to proactively identify and address potential vulnerabilities.
8. HIPAA Compliance: Furthermore, we want to assure you that our security measures align with HIPAA compliance standards. This means that we adhere to the strict regulations set forth by the Health Insurance Portability and Accountability Act (HIPAA) to ensure the protection of sensitive health information.
By being fully HIPAA compliant, we are committed to safeguarding your information and maintaining the confidentiality, integrity, and availability of your data. Our compliance with HIPAA regulations includes strict access controls, encryption of data at rest and in transit, regular risk assessments, and comprehensive policies and procedures to protect your health information.
You can have confidence that your data is handled with the utmost care and in accordance with the highest standards of security and privacy.