Blog

How Force Therapeutics Protects Your Practice and Patient Data

< Back to Blog Feed

Your practice and patient data is a resource that Force Therapeutics carefully protects.

In fact, in July 2022, an independent Service Organization Controls (SOC) 2 Type II & HIPAA audit confirmed that Force Therapeutics has implemented well-designed, effective data security controls and measures to safeguard your data.

After conducting the audit, the auditor, Linford & Company LLP, found no exceptions, issuing  an “unqualified opinion.” This means that Force Therapeutics’ security measures meet the high information security standards set out by the American Institute of Certified Public Accountants (AICPA) and the Health Insurance Portability and Accountability Act (HIPAA) security rules.

What are some of the measures Force Therapeutics uses to protect your practice and patient data? This article highlights just a few of them.

Industry-Leading Physical Security

Force’s infrastructure is hosted by Amazon Web Services (AWS), which means Force inherits the stringent physical safeguards AWS places around all its facilities, hardware, and networking equipment. As the leading cloud infrastructure solution for enterprises, AWS supports more security standards and compliance certifications than any other offering

Force processes, stores, and transmits protected health information (PHI) using only the HIPAA-eligible services defined in the AWS Business Associate Agreement.

In addition, all in-transit network communication is encrypted using the latest encryption algorithms.

Internal Controls Provide Additional Protection

In addition to these physical security measures we employ, Force protects your data through a number of internal controls:

  • All Force employees participate in annual HIPAA training.
  • Cameras record activities at the exits of our office 24/7.
  • Mobile apps have built-in PIN requirements so patient data is not exposed when apps are reactivated.
  • Tools monitor for potential unauthorized activities, server and network usage, port scanning activities, application usage, and unauthorized intrusion attempts.
  • Our engineering team regularly reviews server logs for any unusual activity.

These are just a few of the controls we have in place to safeguard your practice’s sensitive information and patient data.

Trusted by Top Health Systems

Leading health systems, including Geisinger, have vetted our platform and use it to standardize care, reduce costs, and improve the provider and patient experience.

If you’d like to learn more about how we can help your healthcare organization achieve these outcomes while keeping your data safe, please contact us.