Protecting your data is our top priority.
Our company offers the following methods to prevent your account from unauthorized access and keep your data safe:
Strong Password Policy
We ask our users to create 8-character passwords, with minimum 1 uppercase, 1 lowercase and a number to make your passwords harder to discover. Additionally, we limit the number of “change password” attempts: you can try to change your password for 5 times, after that this option we’ll be blocked for you for 2 hours.
Two Factor Authentication
Two-factor authentication can be switched on by the clinicians for their team members and/or patients.
If the 2FA is turned on for your account, in addition to the usual login and password, you will need to enter a verification code sent to your mobile phone after the password has been provided.
After enabling two-factor authentication, you will not need to enter the verification code again since the system remembers your device. If you haven’t visited the app for a long time or log in from a new device, you’re to pass through the 2FA verification once again.
With this feature, if you forget to log out of the app, the next person that uses that computer or electronic device will not have access to your account.
This is especially beneficial to you if you share computers in the workplace, if you work on public computers or if you are concerned that someone will use your electronic device when you leave it unattended.
Read how the automatic logout feature works for investigators and patients.
Monitoring User Activity
We monitor unsuccessful user login attempts in order to catch suspicious activities and prevent unauthorized access to the account. Keeping an eye on user activity helps to investigate if it is indeed the user that simply forgot their password, or if someone is trying to hack the account using any software or scripts.
Smart Data Storage
Our apps are hosted on Amazon Web Services (“AWS”) to ensure the highest level of security and stability for your data.
AWS Cognito and Amazon S3 that we use for your data storage provide authentication mechanisms to ensure that data is kept secure from unauthorised access in the PI region most preferrable for you.