Skip to main content
Arklign Security Policy

Learn how we encrypt, protect, and back up your data

Ray Alde avatar
Written by Ray Alde
Updated over a week ago

We believe Arklign is an extension of your office and have invested in security technology and processes to meet the HIPAA and HITECH security standards. We will gladly sign a Business Associate Agreement with you to assure you that we take your patient data privacy seriously.

We encrypt your sensitive information

All your transmitted data are encrypted with SSL (TLS 1.2 ECDHE-RSA-AES256-GCM-SHA256 in Chrome/Firefox), the same standard used by the world’s leading financial institutions. We add an additional layer and encrypt your data at rest with the industry standard AES-256 encryption algorithm.  For users, all passwords are hashed using the Bcrypt algorithm.

We protect your data in a secure physical location

All your data is securely stored off-site in our own dedicated instance of the Amazon Web Services (AWS) Elastic Compute Cloud. AWS is ISO 27001 certified and all of their data centers are staffed 24/7/365 by trained security guards, with access granted strictly on a “least privileged” basis. We also keep a real-time audit log of all logins and changes made by users.

We backup your data to prevent loss and downtime

All your data is backed up and stored on separate instances in AWS to prevent data loss. We implemented disaster recovery measures to minimize downtime to ensure our platform stays available and up-to-date.

Customer Responsibility

Customer will be responsible for user access and PHI data.  The customer will control user access and roles, set policy for Patient ID, and manage the devices that access the Arklign Platform.

Did this answer your question?