Eko security overview September 08, 2022 18:25 Updated Here you’ll find information about Eko’s infrastructure and security. Security and HIPAA Data security is one of our highest priorities. Eko maintains HIPAA compliant policies, procedures, and technical safeguards for patient and customer data. Policies and procedures Eko maintains industry recommended HIPAA-compliant policies and procedures for securing patient data. Encryption Eko uses HIPAA-compliant and NIST recommended 256-bit AES encryption using managed keys for patient data. Encrypted backups are taken daily. Backups We conduct nightly backups and regularly test our backups to ensure data recoverability. BAA agreements Eko maintains BAA agreements with subcontractors and our hosting providers to ensure HIPAA compliance. Secure facilities (SOC 2) Eko is Service Organization Control 2 (SOC 2 Type 2) certified to keep health system and patient data safe. Contact us To report security issues or concerns, please contact: security@ekohealth.com. LBL380 Rev.A Date of Issue August 31, 2022
