Data Protection & Encryption
Data at Rest
We use the Advanced Encryption Standard (AES) 256-bit encryption to store your data, providing a level of security in line with leading US financial institutions.
Data in Transit
MedProcure, LLC, strictly enforces the use of the Transport Layer Security (TLS) 1.2 encryption protocol when logging in or accessing any web application or service that deals with and/or transmits your personal information. This protocol not only ensures the secure transmission of your data, but also confirms the authenticity of our site.
In partnership with our colocation service provider, we host all our production applications and databases in a secure environment that meets the highest standards of data security and access controls.
Your account, your control. If you request to delete your account, we assure the complete and irreversible removal of all data and documents associated with your account, including security backups, within 35 days from your request.
Identity Management & Authentication
We require complex passwords, stored using a non-reversible hash. To ensure additional security, we automatically log out users after a period of inactivity.
Sensitive Information Handling
At MedProcure, we never store credit card information, and we do not collect Social Security numbers. We avoid collecting HIPAA-scoped data whenever possible. However, some of our products might require the collection of some health information.
MedProcure is in the process of completing a Type 1 Service Organization Control 2 (SOC 2 Type I) audit, as confirmed by an independent CPA report and certification. We are on track to receive our SOC 2 Type II certification by the first quarter of 2024, demonstrating our commitment to rigorous information security policies and procedures.
For comprehensive security management, we work with Kobalt to ensure round-the-clock security monitoring and incident response, thereby maintaining the safety and integrity of your data.
In the event of a system outage, we have implemented measures to maintain data security and robust disaster recovery and business continuity plans. If you identify a security issue affecting MedProcure or our users, we encourage you to report it to us at email@example.com. We welcome any other security concerns as well - your safety is our priority.