Overview
Overview

Color Health is committed to protecting its employees, partners, and patients from damaging acts that are intentional or unintentional. Protecting Color's data and the systems that collect, process, and maintain this data is of critical importance. Commensurate with risk, we implement security and privacy measures to guard against unauthorized access to, alter, disclosure, or destroy data and systems. Those include protection against accidental loss or destruction. The security of systems includes controls and safeguards to offset possible threats to ensure confidentiality, integrity, availability, and safety:

Confidentiality: Confidentiality addresses preserving restrictions on information access and disclosure so that access is limited to only authorized users and services.

Integrity: Integrity addresses the concern that sensitive data has not been modified or deleted in an unauthorized and undetected manner.

Availability: Availability addresses ensuring timely and reliable access to and use of information.

Safety: Safety addresses reducing the risk associated with embedded technologies that could fail or be manipulated by nefarious actors.

Compliance
Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
FISMA Moderate Logo
FISMA Moderate
HIPAA Logo
HIPAA
ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2

Documents
Documents

8 Documents
HIPAA Report
Network Diagram
Pentest Report
SOC 2 Report
CAIQ
VSA Full

Risk Profile
Risk Profile

Data Access LevelRestricted
Impact LevelSevere
Recovery Time Objective24-48 Hours
View 4 More Items

Product Security
Product Security

Role-Based Access Control
Audit Logging
Data Security
View 3 More Items

Reports
Reports

HIPAA Report
Network Diagram
Pentest Report
View 1 More Item

Completed Forms
Completed Forms

CAIQ
VSA Full

Data Security
Data Security

Access Monitoring
Backups Enabled
Data Erasure
View 3 More Items

App Security
App Security

Bug Bounty
Code Analysis
Software Development Lifecycle
View 2 More Items

Access Control
Access Control

Data Access
Logging
Password Security

Infrastructure
Infrastructure

Anti-DDoS
Amazon Web Services
Google Cloud Platform
View 2 More Items

Security Grades
Security Grades

Qualys SSL Labs
  • Color Clinical (Provider)
    A
  • Color API
    A
  • Color Lab
    A

Endpoint Security
Endpoint Security

Endpoint Detection & Response
Mobile Device Management
Threat Detection

Network Security
Network Security

Firewall
IDS/IPS
Spoofing Protection
View 1 More Item

Corporate Security
Corporate Security

Email Protection
Employee Training
Incident Response
View 3 More Items