Versions Compared

Old Version 2

changes.mady.by.user Claudio Menegusso

Saved on

compared with

New Version 3

changes.mady.by.user Claudio Menegusso

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Segregated databases for each client

  • Dedicated and separate AWS infrastructure per client that handles PHI data.

  • Private public encryption key schema for PHI data where B4C cannot access it. Only clients in an active user session can do ti via dedicated AWS infrastructure.

  • Client defined auto logoff policy for user session inactivity

  • Client defined auto user suspension policy for inactivity period

  • Client defined password policy

  • Client defined data purge policy

  • Full system audit log for over 30 user operation

What are the resilience features built into your system?

-explain how the system is designed to specify the level of resilience (independent ability to function) if communication between one component and other component of the system is disrupted. Describe potential disruption that could be considered significant.

-explain how the system is designed to be resilient to possible cyber incident scenarios such as network outages, Denial of Service, excessive bandwidth usage by other products on the same network, disrupted Quality of Service, and/or excessive jitter

-explain how the system is designed to be resilient to possible noise, if applicable

Do you encrypt data at rest?

...

Yes. The B4C System has secure APIs to integrate with customers EMR (Electronic Medical Record) to allow for seamless and secure clinical information flow. This functionality is included via joint brain4care and client IT team project.

Do you have a

...

machine readable SBOM of all software used in

...

your system?

Yes. Such request should be sent to security@brain4.care or via requests using our help.brain4.care portal.

How do I recover device configuration?

Only brain4care authorized representatives have access to and are allowed to view, manage and change device configurations. In B4C System’s case, the above mentioned configuration is for the sensor itself.

How are forensic log files collected and managed?

-describe how forensic log files are collected including how, where, what format they are located, stored, recycled, archived, and how it can be read by automated security analysis software

Is there an anticipated cyber-security end of support and end of life?

No. brain4care is fully committed to cyber-security coverage throughout the period of any user actively using the B4C System