We believe Arklign is an extension of your office and have invested in security technology and processes to meet the HIPAA and HITECH security standards. We will gladly sign a Business Associate Agreement with you to assure you that we take your patient data privacy seriously.

All your transmitted data are encrypted with SSL (TLS 1.2 ECDHE-RSA-AES256-GCM-SHA256 in Chrome/Firefox), the same standard used by the world’s leading financial institutions. We add an additional layer and encrypt your data at rest with the industry standard AES-256 encryption algorithm.  For users, all passwords are hashed using the Bcrypt algorithm.

All your data is securely stored off-site in our own dedicated instance of the Amazon Web Services (AWS) Elastic Compute Cloud. AWS is ISO 27001 certified and all of their data centers are staffed 24/7/365 by trained security guards, with access granted strictly on a “least privileged” basis. We also keep a real-time audit log of all logins and changes made by users.

All your data is backed up and stored on separate instances in AWS to prevent data loss. We implemented disaster recovery measures to minimize downtime to ensure our platform stays available and up-to-date.

Customer will be responsible for user access and PHI data.  The customer will control user access and roles, set policy for Patient ID, and manage the devices that access the Arklign Platform.