Redox serves as an intermediary for exchanging data between you and your connections. We share a responsibility with you and your connection to ensure data remains secure from end-to-end. Here's a summary of the key responsibilities to create a safe journey for all data exchanged via Redox.
- Build a robust, defense-in-depth security program addressing all angles of our operating environment.
- Ensure our systems and environments are complaint with relevant standards, including HIPAA, HITRUST, and SOC 2.
- Assure the secure receipt, storage, access, and transmittal of all properly formed data exchanged via Redox.
- Restrict access to systems and data by Redox roles, granting access only to those with a specific business need.
- Maintain 24/7 support for responding to system stability and availability issues.
- Respond to questions that you or your customers may have about our security posture.
- Respond to questions that your customers may have about our security posture.
- Refer your connections to our docs for a detailed overview of how and why Redox is a secure platform for data exchanges.
- Establish user access procedures:
- Develop security procedures that empower you to approve user access, control user access levels, and establish administrative settings.
- Periodically review the list of users with access to the Redox dashboard and remove access from anyone who shouldn’t have it.
- Ensure access changes reflect change-control procedures.
- Support modern, industry-accepted data connection standards (learn more about data in transit).
The data that you exchange via Redox with your connection becomes the responsibility of your connection at the point that it is received over your secure integration. Healthcare organizations should:
- Support modern, industry-accepted data connection standards (learn more about data in transit).
- Review our docs for an overview of security at Redox.