Overview
Protecting the security of customer data and of our software is one of our top priorities. We employ numerous measures to deliver industry-leading, enterprise-grade security in the cloud.
Physical Security
We proudly partner with Amazon Web Services, the world’s largest hosting provider. Physical security at Amazon data centers includes:
Perimeter and building access monitored by security personnel and video surveillance
Intrusion detection systems
Access limited to people with legitimate business purpose
Monitoring
We monitor our infrastructure using multiple tools to ensure optimal system performance and availability, including:
Amazon CloudWatch for resource monitoring
System availability and performance monitoring
Monitoring for unauthorized access attempts
Infrastructure
Our infrastructure is built on industry-leading core security services provided by Amazon. These services meet or exceed the industry’s top security ratings and standards, including HIPAA. In addition, we employ the following measures:
Servers run hardened Linux with regular patching
Multiple firewalls with strict security group access control lists
Public/private key authentication for server access
Bastion server access controls for all servers
All login activity is logged and reviewed regularly
Data Encryption
All data that is transmitted between our servers and a browser is encrypted using HTTPS/SSL. Our software forces secure browser connections to ensure that data can only be transmitted in encrypted format. Our SSL configuration is regularly audited and configured to ensure that it is optimized. Only the strongest security protocols and encryption ciphers are used. Weak or compromised ciphers are actively removed. Our SSL configuration receives an A+ rating from Qualys, Inc., an independent security firm. A copy of the results is available here.
Disaster Recovery
Our infrastructure is designed to handle a variety of failures, including server failures, rack failures, network switch failures, power outages and complete data center failure. To minimize the impact of a disaster on our customers, we implement several processes, including:
Writing data to multiple disks in multiple data centers
Backing up all disk volumes nightly
Logging database transactions for point-in-time recovery
Ability to redeploy application stack and data within minutes
Using load balancers to automatically circumvent failures