Security Policy of Cliniceo Platform
Clinics have entrusted us by using our platform to manage their data and safe-keeping of confidential medical records. The security of patient data is utmost important to us while we architect and build the platform. We consider security as the key aspect at every step of our work that we do at Cliniceo™. We have taken all essential security measures mentioned below while building this Cliniceo™ Software platform.
Let’s secure what matters the most first – the clinic data belongs to you, not to us. We are only custodians of that data, not the owner. We use all means necessary to ensure the data is secured from all threats internal or external. Under no circumstances is your data open to any kind of usage, de-identified or otherwise, for any purpose, other than to troubleshoot an issue reported by the owner of the data i.e., you. Although Cliniceo™ hosts and protects your data, you retain full control over it. You can access it at any time and from multiple locations. You have the ability to export, transfer and download with no risk to your data’s security. The data is made available in universal formats of csv.
Your account gets marked for deletion. At the end of 90 days, it will be wiped clean off our systems.
Any server on a public network can become the target of hackers. Thus, knowing how to ensure a system’s security is an important responsibility for anyone working with a server. From initial server setup to scaling and server maintenance, security is a vital and ever-changing consideration. We partnered with one of the Industry’s top infrastructure-as-a-service (IaaS) platforms, headquartered in New York.
They help us create managed clusters just by specifying the size and location of worker nodes. They have global availability, present across multiple countries.
Our infrastructure scales up, the application is capable of scale up/down and traffic is distributed across infrastructure.
The cloud service provides managed databases, facilitates to store and retrieve any amount of data (audio, video, etc.). The platform provides SSD-based storage to ensure the performance of data retrieval from the storage. Backups and snapshots of the servers can be scheduled and automated.
Even if application services implement security features or are restricted to the interfaces that they like to run on, a firewall serves as a base layer of protection by limiting connections to and from application services before traffic is handled by an application. Cloud firewalls offer another security layer in addition to the security provided at the application layer.
API access is not public and only can be accessed by valid tokens and API keys. Throttling limits are in place to mitigate DDOS and brute force attacks at the platform level.
Cliniceo™ maintains a backup of the database and server instances using restore capabilities. The data on Cliniceo™ platform is safe and regular backups are taken.
Who can access data within your organization is controlled by user authentication & authorization, well-defined roles & strong login passwords. The accessibility of data is restricted based on the employee role.
The Super Admin or Clinic Managers can revoke access privileges from any of the organization members at any point of time.