QuantiModo uses high-security standards to protect customers’ data and ensure users’ privacy. The security is implemented for data at rest and data in transport.
- All the data served over the QuantiModo API uses HTTPS.
- We audit our security setup to ensure that the certificates we serve are up to date.
- We force HTTPS for all connection to our API server to ensure that data is always encrypted during the transport from our server to your application.
- It is important that you make sure to use the same methods to ensure that the data is encrypted all the way to the end user.
- AES 256bit encryption
- Encryption keys are rotated and separated from the database and application servers
- They are stored in a fault-tolerant key management cluster with limited access.
- The master key is kept in a secure vault to ensure a maximum level of security.
HIPAA and BAAs
QuantiModo Connect will enter into Business Associate Agreements with covered entities of sub-contractors as we find appropriate depending on the type of data integrations that are necessary. For requests regarding Business Associate Agreements please contact us at firstname.lastname@example.org.
All API calls are logged for later review.