Protecting your therapyBOSS account
Required for web access from unrecognized devices. Remembered for 30 days if browser cookies are enabled.
Office staff accounts are permission restricted. Clinicians only have access through their own interfaces and only to assigned patients.
One place to add and manage office staff. Last login timestamp to monitor activity. Lockout for failed login attempts. Related email notifications.
User data security
Protecting your data in therapyBOSS
All data communication is encrypted with TLS 1.2. For data in storage, AES 256 bit encryption is employed.
Mobile app encryption
Mobile app stores data on devices to be able to work offline. This data is secured with AES 256 bit encryption.
Account passwords are hashed in the database to be indecipherable. Forgotten passwords must be reset.
Data center security
Protecting our networks and infrastructure
Virtual Private Cloud
Hosted in a dedicated private cloud. Firewall rules and software defined networking with all connections encrypted.
Local (Chicago area) data center. SSAE18 Type 2, SOC1, SOC2 compliance. 24/7 physical security and protection.
Access into production networks is restricted by IP address and possible only by a few authorized members of our team.
Ensuring business continuity
Every component of our network infrastructure is essentially duplicated to deliver resiliency in the face of system failures.
Comprehensive backup strategy ensures that all data is backed up frequently and backups are ready for restoration.
Stand-by data center
Real-time data replication to a geographically separated hosting environment for seamless continuity.