CLEARED4 and HIPAA Compliance
Security and privacy is a key concern for CLEARED4. All user data is encrypted before it is written to disk with 256- bit AES and each encryption key is itself encrypted with a regularly rotated set of master keys. All data over the Internet is secured with SSL (HTTPS).
API’s are highly secured and the database is set up with strict security rules, controlling access for different users on a data level.
Tools used by any user requires two-factor authentication with email, password and one-time-code sent to SMS. Activity in these tools are logged.
The Support login discloses only the data needed on a daily basis, such as the day-by-day status for each user, but does not include individual answers, symptoms etc.
The CLEARED4 platform is both HIPAA and FERPA compliant.