Privacy & Security

We take data protection seriously

With continuous improvements to our product, we invest the time in ensuring our product keeps your data safe and secure. We’ve made a FAQ to help resolve some of your security worries.

STORAGE AND DATA

How do I know the information me and my clients transmit on your platform is secure and private?

Everything in terms of data transmitted within Adracare employs 256 bit AES encryption, which is the same grade of encryption used by financial institutions.

What type of encryptions do you use?

Our communication is encrypted in transit, in database, and at rest leveraging AES 256 Bit encryption.

Where is your data stored?

Our Platform maintains strict geographic boundaries and as such, data for patients and providers in one country never crosses into another.  

Do you ever share data internationally?

Your data is safe and secure, and is not transmitted to other locations. The only time your data is accessed internationally is if we are is if we are doing support.See below for more information.

How do you address breaches, vulnerabilities or other product issues?

Our platform is scanned for vulnerabilities with every code change before getting deployed into production environments. Any potential vulnerabilities are detected and remediated immediately.Adracare has never had a breach. However if a breach is to ever occur, in strict accordance with our Data Breach policy, the Chief Compliance Officer will invoke the data breach management protocol, suspending access to users who may have been part to the incident, securing all audit logs associated with the incident, notifying all parties impacted by the breach.Our data breach and notification protocols are reviewed and tested on an annual basis by 3rd party Privacy and Security auditors.   We make sure to do everything in our power to make sure breaches don’t happen, and make sure we know how to act if it were to ever occur. 

ACCESS AND VISIBILITY

Are you compliant with HIPAA, PHIPA, PIPEDA, PIPA or applicable personal health information legislation?

Yes we are. If you don’t see your compliancy above, you can review our compliancy documentation by scrolling down to our compliance statement or clicking here.

Do video calls adjust video quality based on bandwidth at each end?

Yes - video quality is automatically adjusted based on a user’s internet speeds.  A quick way to check what quality you (or your patient) can expect is to visit https://www.speedtest.net and check your download and upload speeds.

Low Quality Video will be used for Internet Speeds between 0.15 Mbps and 0.54 MbpsMedium Quality Video will be used for Internet Speeds between 0.54 Mbps and 1.5 MbpsHigh Quality Video will be used for Internet Speeds greater than  1.5 Mbps

How do you assure that your security and privacy practices meet industry standards?

Our Platform, and policies are audited by independent 3rd party Privacy and Security Auditors on an annual basis.

Does Adracare or its employees have access to the information I or my client put on the platform?

Yes, but only certain full time employees of Adracare access information, on a highly regulated basis for Quality Assurance and Testing. We use realistic sample data whenever we can, but to investigate certain records we require access to fix issues.

Does the platform record my video sessions? Is someone watching?

No, we do not record any video sessions. The only people who can see video appointments are the participants.

PARTNERSHIPS AND METADATA

Do video calls adjust video quality based on bandwidth at each end?

Yes - video quality is automatically adjusted based on a user’s internet speeds.  A quick way to check what quality you (or your patient) can expect is to visit https://www.speedtest.net and check your download and upload speeds.

Low Quality Video will be used for Internet Speeds between 0.15 Mbps and 0.54 MbpsMedium Quality Video will be used for Internet Speeds between 0.54 Mbps and 1.5 MbpsHigh Quality Video will be used for Internet Speeds greater than  1.5 Mbps

How do you assure that your security and privacy practices meet industry standards?

Our Platform, and policies are audited by independent 3rd party Privacy and Security Auditors on an annual basis.

Does Adracare or its employees have access to the information I or my client put on the platform?

Yes, but only certain full time employees of Adracare access information, on a highly regulated basis for Quality Assurance and Testing. We use realistic sample data whenever we can, but to investigate certain records we require access to fix issues.

Does the platform record my video sessions? Is someone watching?

No, we do not record any video sessions. The only people who can see video appointments are the participants.

HIPAA, PHIPA & PIPEDA Compliance Statements

Adracare is committed to and has implemented many safeguards to ensure its devices, services, websites and data systems (collectively “Products”) are compliant with the regulations and conditions set forth in the Health Insurance Portability and Availability Act  (HIPAA), the Personal Health Information Protection Act (PHIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable personal health information legislation where it operates. Adracare is committed to the continuous improvement of its policies to ensure our Products incorporate state-of-the-art information technology privacy and security measures.

Adracare deploys its solution in data centers in Canada, United States of America, United Kingdom, Australia, Netherlands, and new data centers are constantly added to meet the personal health information regulations in each region. Data in one region never travels into another, and all geographic boundaries are maintained to all scoped data. All solutions are deployed with redundancies and regular backups, in accordance with Adracare’s Written Information Security Program, available on request.

Adracare protects personal health information through the following integrated administrative, physical and technological safeguards:

DETAILS

Administrative Safeguards. Adracare has implemented policies to ensure appropriate assignment of data access permissions and proper movement and handling of that data. Privacy training is an annual mandated event for all staff, as well as annual review of policy effectiveness during internal or third party auditing of our Products.

Physical Safeguards
. The primary physical safeguard for Adracare is to not retain sensitive data in any public or private Adracare location other than those assigned for database management and quality assurance activities. Specific workstation usage, disposal, reuse and security measures are in place. Access to Adracare  facilities are all independently controlled via key access preventing walk-up intrusion. Adracare data centre uses a cloud-based architecture with inherent security measures including 24 hours monitoring, advanced fire protection systems, uninterruptible power and database redundancy. Annual audit of the facility security plan, disaster recovery plan, and contingency plans are in place.

Technical Safeguards.  To further protect sensitive data, Adracare enforces unique software architecture that includes user identifications, various database audit logging, data integrity systems and verified backups, entity authentication programs, digital certificates, various levels of encryption (for data in rest, and in transit) and other custom architecture to further obscure sensitive data from threats.

OTHER INFORMATION
Adracare will never share, sell, or trade Personal Identifiable Information (PII) or Personal Health Information (PHI) to third parties. Adracare does not use or disclose Personal Health Information, except as necessary in the course of providing its product and service to its clients. If disclosure of Personal Health Information is necessary at any point, it is used or disclosed strictly in accordance with the Personal Health Information Protection Act.

CONTACT
If you have further questions regarding our Privacy Statements, please contact our Chief Compliance Officer at
compliance@adracare.com or 1-855-783-6771

Did we miss your question? Fill in the form below and we'll
get back to you within 24 hours.