Security Overview

Our Commitment to Security

At CrisPRO, we take security seriously. We implement industry-leading security measures to protect your data and ensure compliance with healthcare regulations.

Data Protection

Encryption

• All data is encrypted in transit and at rest
• We use AES-256 encryption for data storage
• TLS 1.3 for all network communications

Access Controls

• Multi-factor authentication (MFA) required for all accounts
• Role-based access control (RBAC)
• Regular access reviews and audits

Compliance

• HIPAA compliant
• SOC 2 Type II certified
• GDPR compliant for international users

Infrastructure Security

Cloud Security

• Hosted on AWS with security best practices
• Regular security assessments and penetration testing
• 24/7 monitoring and incident response

Network Security

• VPC isolation and network segmentation
• Web Application Firewall (WAF)
• DDoS protection

Data Handling

Data Minimization

We only collect and process data necessary for our services.

Data Retention

Data is retained only as long as necessary and in accordance with applicable laws.

Data Deletion

Secure data deletion procedures ensure data is properly removed when no longer needed.

Incident Response

We have a comprehensive incident response plan that includes:

• Immediate containment and assessment
• Notification procedures
• Recovery and remediation steps
• Post-incident analysis and improvement

Contact

For security-related inquiries, please contact our security team at jedi@jedilabs.org.

Effective Date: July 20, 2025