In Production Functionality - We already support patient APIs, developer documentation & support, API logging, and member consent workflow for access to clinical EHR data in production, being used by 650+ companies.
Business Continuity - All data is stored and backed up in multiple data stores as well as via standard AWS tools for backup and recovery.
Logging and Monitoring - Logs are stored in multiple places with both info, warning, and error logs persisted.
Based on Proven Technology - We leverage modern cloud best practices to harness the full power each AWS service.
TRIED & TESTED SECURITY + AUTHORIZED ACCESS
No Security Breaches - Our HIPAA compliant, SOC 2 audited platform has had no security breaches. We were the only winner of the security (hacking) phase of the HHS Secure FHIR Server Challenge.
Role Based Security Access - Auditing and RBAC are provided to manage deployments; we control these rights based on the cloud platform's built in roles and accounts.
Security Testing & Tools - Automated penetration tests run against our infrastructure in production. Bug bounty programs are in place for white hat hackers. Multiple code scan tools detect vulnerabilities.
World Class HealthTech Compliance
SOC2 Type 2
HIPAA
Red Flag Rule
PCI-DSS
NYS Breach
Framework for Critical Infrastructure for Cybersecurity