Your Bidirectional data, protected from Source to Destination
Flume Relay was architected from the ground up to provide enterprise-level security, privacy, and compliance. Our platform is fortified by rigorous protections, policies, procedures, and controls to ensure the secure and compliant handling of your sensitive healthcare data.
Powerful Access Controls and Web Portal Connectivity
Relay grants access based on user roles using best practice principles of least privilege. You can assign different roles with varying levels of access, including admins, editors, and viewers.
Relay uses industry-leading Identity and Authorization tech for secure remote access, leveraging the same enterprise-grade authentication that safeguards Google's extensive global network. Our system enhances security with advanced threat intelligence and easily integrates with your own external identity providers like Microsoft, Google, Okta, and others.
Customer Data Control and Data Encryption
Relay acts as an intermediary between data sources and destinations allowing customers or vendors to grant or revoke Relay’s access at their discretion. Each Relay feature that necessitates data access is engineered with rigorous security and compliance protocols. For added control, customers have the option to host data within their own cloud infrastructure. We utilize robust cloud encryption infrastructure, including secrets and key management to protect sensitive data.
Defense at Depth with Network and Vulnerability Management
Engineered with a sophisticated toolkit, Relay adopts a multi-layered security architecture to guard against threats and vulnerabilities. Our strategy integrates secure development practices, comprehensive vulnerability detection and management, in-depth application testing, managed cloud infrastructure, hardened deployments, and regular assessments among other practices to effectively minimize attack surface.
Relay utilizes a hardened Kubernetes architecture for robust network security, applying stringent access controls from the cloud project layer down to the container level. Our authentication system, enhanced by an internet-scale web application firewall, oversees all Relay interactions and offers the capability to seamlessly integrate with your chosen Identity Providers (IdPs). Complementing this, we enforce meticulously crafted network access policies for exhaustive security coverage.
Relay was created as a purpose-built platform for the healthcare industry with a strong emphasis on regulatory compliance.
Relay is meticulously engineered to meet and exceed the stringent technical and security mandates set forth by HIPAA regulations. Our platform ensures that electronic protected health information (ePHI) remains confidential, accessible, and safeguarded against unauthorized access. By utilizing Relay, healthcare organizations not only meet compliance standards but also gain superior control, enhanced visibility, and the ability to execute timely data management updates, further bolstering their HIPAA compliance posture.
Flume has SOC 2 policies and procedures in place.