| Table of Contents | ||
|---|---|---|
|
What are the key security measures built into your system?
Segregated databases for each client
Dedicated and separate AWS infrastructure per client that handles PHI data.
Private public encryption key schema for PHI data where B4C cannot access it. Only clients in an active user session can do ti via dedicated AWS infrastructure.
Client defined auto logoff policy for user session inactivity
Client defined auto user suspension policy for inactivity period
Client defined password policy
Client defined data purge policy
Full system audit log for over 30 user operation
Do you encrypt data at rest?
YES. All PHI (protected health information) is encrypted at rest. This data is encrypted at source using the public key from a client specific public-private encryption key schema. Only our clients, in an active user session, can access PHI data that is served via a dedicated client AWS infrastructure that brain4care does not have access to.
Where are your servers located?
For US customers, all servers are located in the US territory.
How to you backup data?
All data is stored in our HIPAA certified cloud infra-structure with daily backups.
Do you support Single Sign-On (SSO)?
Yes. The B4C System has SSO capabilities to integrate with customers AD (Active Directories) to allow for seamless and secure system login. This functionality is included via joint brain4care and client IT team project.
Do you support EMR integration?
Yes. The B4C System has secure APIs to integrate with customers EMR (Electronic Medical Record) to allow for seamless and secure clinical information flow. This functionality is included via joint brain4care and client IT team project.
Do you have a Software Bill of Material for all softwares used in you system?
Yes. Such request should be sent to security@brain4.care or via requests using our help.brain4.care portal.