What Are Your Security Features?

We built Ripple with the safety and security of your data in mind. From the start, Ripple was developed using a HIPAA-compliant architecture. Thus,  all of our plans comply with the current best practices in data privacy and security. Our security features include:

Infrastructure and Data:

  • HITECH certified data centers*
  • Separate database and application servers
  • Double sever redundancy (3-replica sets).*
  • Dedicated, non-shared servers
  • Logical segmentation of customer data
  • Dedicated firewall and intrusion scanning

Encryption:

  • SSL 2048-bit data encryption during transit
  • Disk Level database encryption (i.e., encryption at rest)

Audit Controls:

  • Fully readable audit logs for account admins
  • Tracking of all View, Edit, Delete, Modify events
  • Event level tracking for all users
  • Custom selection of auditable events
  • Logging of all failed login attempts

Access and authentication:

  • Access control via username and passwords
  • Automatic user logoff (custom time)
  • Strong password requirement SC 03.02
  • Case sensitive usernames (ISO-646/ECMA-6 )
  • Password expiration (custom time)
  • No password reuse for 12 month
  • Account lock upon a custom number of failed login attempts
  • Access groups with custom access roles
  • Optional two-factor authentication*
  • Limited feedback after failed attempt
  • No access of customer data by Ripple’s staff except when mandated by law or when explicitly requested and authorized by customer for data recovery or technical support purposes.

* Clinical plans only.