Trust Center

Get access to this Trust Center
  • Review sensitive security details
  • Unlock documents
  • Reclaim access anytime
Had access before? Reclaim access

Overview

Color Health is committed to protecting its employees, partners, and patients from damaging acts that are intentional or unintentional. Protecting Color's data and the systems that collect, process, and maintain this data is of critical importance. Commensurate with risk, we implement security and privacy measures to guard against unauthorized access to, alter, disclosure, or destroy data and systems. Those include protection against accidental loss or destruction. The security of systems includes controls and safeguards to offset possible threats to ensure confidentiality, integrity, availability, and safety:

Confidentiality: Confidentiality addresses preserving restrictions on information access and disclosure so that access is limited to only authorized users and services.

Integrity: Integrity addresses the concern that sensitive data has not been modified or deleted in an unauthorized and undetected manner.

Availability: Availability addresses ensuring timely and reliable access to and use of information.

Safety: Safety addresses reducing the risk associated with embedded technologies that could fail or be manipulated by nefarious actors.

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
FISMA Moderate Logo
FISMA Moderate
HIPAA Logo
HIPAA
ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2
Get access to this Trust Center
  • Review sensitive security details
  • Unlock documents
  • Reclaim access anytime
Had access before? Reclaim access

Documents

All
Public
Private
HIPAA Report
ISO 27001:2013 Stage 1 & Stage 2
Network Diagram
Pentest Report
Security Whitepaper
SOC 2 Type II Report
ISO 27001
CAIQ
HECVAT Full
VSA Full

Risk Profile

Data Access LevelRestricted
Impact LevelSevere
Recovery Time Objective24-48 hours
See more

Product Security

Audit Logging
Data Security
Multi-Factor Authentication
See more

Reports

HIPAA Report
ISO 27001:2013 Stage 1 & Stage 2
Network Diagram
See more

Self-Assessments

CAIQ
HECVAT Full
VSA Full

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Responsible Disclosure
Code Analysis
Credential Management
See more

Legal

Cyber Insurance
Privacy Policy
Terms of Service

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
Google Cloud Platform
See more

Endpoint Security

Endpoint Detection & Response
Mobile Device Management
Threat Detection

Network Security

Firewall
IDS/IPS
Spoofing Protection
See more

Corporate Security

Email Protection
Employee Training
Incident Response
See more

Security Grades

Qualys SSL Labs
Color Clinical (Provider)
A
Color API
A
Color Lab
A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered BySafeBase Logo