Crisalix is committed to secure its data, and takes all measures to keep the highest level of security available today. When you access our site or app, your information is protected using both server authentication and data encryption, ensuring that your data is safe, secure, and available only to registered Users in your organization. Such encryption is implemented in both communication and storage.
Crisalix provides each User in your organization with a unique user name and password that must be entered each time a User logs on. Crisalix issues a session "cookie" only to record encrypted authentication information for the duration of a specific session. The session "cookie" does not include either the username or password of the user. Crisalix does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.
Crisalix is hosted in the Amazon Private Cloud, and follows strictly Amazon recommendations on HIPAA and medical applications. Servers are equipped with state-of-the-art IDS systems, firewall and up-to-date secured libraries. Penetration tests are done periodically to verify server/infrastructure security status.