We do our best to keep your data secured. There are always risks to putting PHI (Protected Health Information) online. We do not meet the criteria necessary to be called HIPAA compliant. You can read more about that on our HIPAA page and our terms of service.
These are some of the security measure in place to protect your data.
Data in transit is always encrypted.
All connections are served over HTTPS and never HTTP
Data is siloed.
Each customer's data is stored in a separate database. No two customers share a database. Each customer has separate database credentials that cannot access any other databases.
Your data is only accessible by logging in. It is not exposed publicly to the internet.
The VPS (virtual private server) we use is only shared amongst the other customers of this site and does not host any other websites.
AES-256 Encrypted backups.
We encrypt your backups using AES-256 encryption.