Roll Based Access
All user roles within Dr. Rounds® for your group have different and varying access to information. Security for all users is enforced at the Application level AND the database level. We protect against intrusion by forcing security checks at various points in Application code.
Any and All data within Dr. Rounds® is encrypted. The data coming from the Dr. Rounds® App on your phone is sent using AES-256-bit encrypted SSL. Our load balancers handle the encrypted SSL and send it to the Web Servers which decrypt the SSL. All access between the Web Servers and the Database is encrypted. Our database uses the strongest encryption available to keep ALL data encrypted, as well as its backups. All media uploaded to our servers is also stored in AES 256-bit encryption.
If we have it, if we touch it, it is encrypted.
All the encryption in the world is worthless without data security. We at Dr. Rounds utilize Amazon Web Services. We highly suggest reading AWS's information on the security of their platform, both physically and implementation wise at http://aws.amazon.com/security/. Amazon has extensive experience and more certifications than we can list to backup claims of security of their data centers.
Along with that, we utilizing extensive logging, private cloud servers (dedicated instances), firewall policies, backup policies, all to ensure data integrity, and patient safety.
Your data is your data. You own it. We do not share your information with any third parties. Your data is absolutely partitioned to be viewable by you alone.
All users within Dr. Rounds® have unique identifiers. Your passwords are stored in a hashed format - not plain text, meaning they cannot simply "reverse engineered." If you forget your password, simply request a new one and you will be issued a new temporary password to your email address.
Your login is enforced every time you use the Dr. Rounds® App, we ensure that every request made is made with your login credentials. If your login fails, for whatever reason - the App is automatically wiped on your device, protecting patient information.
Automatic Log Off
The Web App has an automatic logoff for users. This protects your patient information if you fail to be active within the Web App for a period of time.
Dr. Rounds® and its staff handle your patient's health information with confidentiality, privacy, and respect. We ask that you follow your provider's policy on communicating sensitive information in their practice.
Data Integrity and Backups
For continuity in service, Dr. Rounds® employs a backup strategy that backs up, encrypts, and stores in various secure locations the encrypted backup data. In a worst case scenario, we have the ability to restore data in a very short amount of time.
We perform extensive logging of access to the App to ensure your data is accessed correctly.
Any organization that uses Dr. Rounds® must sign a Business Associate Agreement (BAA) to use our software.