Security

The data security of your employee, guest or community member is a high priority for us at HealthyScreen. We recognize that the survey results you provide us daily may contain sensitive information that only you and the individual members who interact with your organization need to know. We intend to keep it that way. We work every day to ensure that our security is aligned with industry security standards.

Overview

HealthyScreen is implemented in AWS and hosted in datacenters in the United States. All data (both long term and temporary data) is encrypted in transit using TLS 1.2 and encrypted at rest using AES-256. Logs that have Personally Identifiable Information (PII) are redacted automatically so neither developers nor support technicians have access to individual PII.  HealthyScreen has Intrusion Detection Systems (IDS) on every server, and Penetration Testing is performed periodically. Operating System patching is performed regularly with rolling updates between our Development, Staging, and Production environments.  HealthyScreen has a complete Disaster Recovery plan, which includes a separate, independent service to access Survey information should the main website become unavailable.

AWS logo

Amazon Web Services

HealthyScreen contracts its data center solution through Amazon's AWS subsidiary. AWS is the leading cloud-based server and storage solution provider by market share and reputation. AWS infrastructure and management approach is state of the art. AWS has many years of experience designing, constructing, and operating large-scale data centers for a wide range of customers in the United States and globally. All HealthyScreen servers reside on-shore at datacenter sites in the United States.

Software Development & Security

Servers and networking

All servers that run HealthyScreen software in production are continuously patched Linux systems. For additional hosted services that we utilize, such as Amazon S3, RDS, and Route 53, we take advantage of AWS's comprehensively hardened infrastructure-as-a-service (IaaS) platforms.

Storage

HealthyScreen stores data such as metadata, activity, original files, and customer’s data in different locations while also compiling and generating documents when requested. All data in each location is encrypted at rest with AES-256 and encryption keys.

Software Development

HealthyScreen follows industry standard programming techniques for development documentation and quality assurance processes. We also follow guidelines such as the OWASP report, to ensure that the applications meet security standards.

Customer Payment Information

HealthyScreen uses 3rd party secure payment process providers to facilitate transactions. HealthyScreen does not store nor have access to any credit card, debit card, or bank account information of our customers or users.

Application Architecture

The HealthyScreen web application is a multi-tiered solution that is set into logical segments (front-end, mid-tier, and database), each independently separated from each other in a DMZ configuration.

Service Level

HealthyScreen's infrastructure relies on several layered techniques for increasing uptime. Our approach includes the use of auto-scaling, load balancing, task queues, and rolling deployments. We conduct daily backups of our databases. All backups are encrypted.