...
Segregated databases for each client
Dedicated and separate AWS infrastructure per client that handles PHI data.
Private public encryption key schema for PHI data where B4C cannot access it. Only clients in an active user session can do ti it via dedicated AWS infrastructure.
Client defined auto logoff policy for user session inactivity
Client defined auto user suspension policy for an inactivity period
Client defined password policy
Client defined data purge policy
Full system audit log for over 30 user operationoperations
What are the resilience features built into your system?
...
Yes. The B4C System has secure APIs to integrate with customers EMR (Electronic Medical Record) to allow for seamless and secure clinical information flow. This functionality is included via joint brain4care and client IT team project.
Do you have a machine-readable SBOM of all software used in your system?
Yes. Such request requests should be sent to security@brain4.care or via requests using our help.brain4.care portal.
...
Only brain4care authorized representatives have access to and are allowed to view, manage, and change device configurations. In B4C System’s case, the above-mentioned configuration is for the sensor itself.
How are forensic log files collected and managed?
...
Forensic data at brain4care is collected in two ways:
...