Platform Security
Peace of Mind, Built In
Izzy has been built from the ground up with security in mind. While the platform does not allow the saving of client names or addresses, we still treat the information as Private Health Data (PHI), and have the necessary safeguards in place to ensure compliance with PHIPA, PIPEDA and HIPAA. This includes:
- Encryption – both dashboard access and the chat widget are accessible only through SSL. Furthermore, all data is ‘encrypted at rest’ on the server.
- Role Management – Izzy has role management baked in, so staff & volunteers are only able to see conversations that they took part in.
- Secure Processes – Ripple Group, who manages Izzy, partners with Tugboat Logic to maintain Information Security compliance throughout the organization. Ripple Group is also trusted to manage different Electronic Medical Record (EMR) software that is in use by hundreds of clinics in Canada and the United States
- Backups – our servers are backed up several times a day to offsite partners
- Server Location – Izzy runs at Amazon Web Services using both Canada-Central and US-West availability zones depending on the client location