Security & Data Protections
Ensuring the privacy and security of your data is a top priority for us. You can rest easy knowing that we take every precaution to provide an online service with high grade security.
Product security
Secure access: Logging in is secured by multi-factor authentication (PropelAuth).
Permissions: We enable permission levels within the app to be set for your staff so only those who've been invited can access a client’s information. (PropelAuth)
Network and application security
Data Hosting and Storage: Panacea services and data are hosted in Amazon Web Services (AWS).
Failover and Disaster Recovery: Regular testing of the recovery processes.
Virtual Private Cloud: All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.
Backups: Data backups are taken regularly. These backups allow the creation of a replica environment within a minimal period of time. Backups are stored in a different AWS availability zone, with restricted access.
Customer Support: Panacea operates a support ticketing system allowing administrators and end-users to report any issues or errors they encounter
Monitoring: An internal production monitoring dashboard aggregates information from multiple internal and 3rd-party tools for monitoring its production environment and protecting it against potential threats or errors:
An internal notification mechanism is in place to alert operations and support teams on different anomalies detected in production.
AWS analytical tools are configured to continuously monitor production environment status, including server availability, CPU, memory, disk space and other key metrics; the Cloud Monitoring tool also sends alerts to operations team based on preconfigured policies.
Vercel usage service monitors frontend functioning
Permissions and Authentication
All-access to personal confidential data on IT systems can be attributed to individuals and logged. The principle of ‘least privilege’ is applied, so that users do not have access to data they have no business need to see.
We have 2-factor authentication (2FA) and strong password policies on GitHub, Google, AWS to ensure access to cloud services are protected.
Encryption
All data sent to or from Panacea is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL only. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.
24/7 Incident Response
We understand that Panacea may be critical to the well-being of your clients and business. That's why we have on-call engineers available at all times. Panacea implements a protocol for handling security events which includes escalation procedures, rapid mitigation and post mortem. All employees are informed of our policies.
Additional Security features
Training: All employees complete HIPAA training annually.
Policies: Panacea has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.
Confidentiality: All employee contracts include a confidentiality agreement.
Payments: All payments made to Panacea go through Stripe. Details about their security setup can be found at Stripe's security page.
Data Protection: We follow the required HIPAA guidelines
Data Sharing and Transfers: Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have a due diligence process with all our vendors and all sub processors of personal data have a Business Associates Agreement in place. We do not sell your data to anybody.
Questions?
If you think you may have found a security vulnerability, please get in touch with our team at support@openpanacea.com.
Getting Started FAQs
We’ve pulled together a list of common FAQs to help you and your team answer any questions about switching to Panacea. Have more questions?
Contact support@openpanacea.com or schedule a time to meet here
-
Panacea is a web-based application to manage the end-to-end operations of running a care management team.
-
Panacea was founded in 2024 with the mission to empower care managers to support more families. The team combines clinical and software experts to create tools that simplify the day to day operations for businesses like yours.
-
Technology makes it much, much easier to organize care by taking away time-consuming manual processes, providing access to the right information at the right time, and tracking data to maximize performance.
Panacea equips teams with the essential digital tools they need to manage and excel in delivering care. Panacea's all-in-one platform supports care businesses of all sizes and Panacea provides a host of other practical resources and support for professionals.
-
Panacea is made to grow with your organization. Here's how:
Flexible Cloud System: Panacea uses a strong cloud system that can handle more data and users as you grow.
Easy Connections: Panacea connects smoothly with other software you use, like accounting or sales tools.
Automatic Scaling: Panacea can automatically add more resources when needed, so it works well even during busy times.
Regular Updates: We update Panacea regularly to keep it current and provide support to help you with any issues.
Panacea grows with your business, keeping everything running smoothly no matter how big you get.
-
Yes, you can access Panacea through any browser.
-
No, access to Panacea requires having an Internet connection. We are considering offline versions for the future.
-
Any care team member could get access to Panacea's platform. We have worked with teams that only use Panacea as an internal tool, and are exploring options for client-facing access as well.
-
Panacea's customers store any information about their clients in the platform, including marketing, medical information, or communications.
-
We take data security and privacy very seriously. We are fully compliant with HIPAA to ensure that your personal information is protected, handled and stored correctly.
More details on our approach to security are available here.
-
Yes! You can schedule a demo with a member of our team here. If you do not see a time that fits your schedule, please reach out to support@openpanacea.com with a few times that would work for you.
-
Panacea offers a white-glove onboarding experience where a dedicated transition specialist will work with your team on the implementation. A typical timeline for transition is outlined in the Set-Up Checklist.
-
Panacea prioritizes integrations to avoid having to operate your business in silos. Currently we have integrations with Quickbooks with several more integrations on the roadmap for 2024.
-
None! We prioritize usability and an easy to navigate design. We have supported customers with a wide range of technical abilities.
-
Customers can email support@openpanacea.com at any time for support and expect to receive a response in less than 24 hours. During a transition to Panacea, you will also have the direct phone number for the associate helping in the transition to answer any urgent questions.
-
Unlimited ongoing support is included in your subscription.
-
You have the right to cancel at any time. We don't lock you in annual contracts.
-
We take feedback very seriously! Our public roadmap tracks all feedback from Panacea users and shows where they are in roadmap for release. Customers can expect to hear back in <24 hours on their inquiries.
-
Our team is willing to work with you to hit your organizational requirements for a smooth transition. The exact timeline will be dependent on the volume of clients and existing system. Schedule a time with a our team to discuss directly what a transition for your organization would look like here.
Want to learn more about Panacea?
Schedule a demo to learn more about our services.