Compass is designed with a focus on protecting user information while remaining appropriate for a non-clinical, non-PHI platform.
Compass uses secure, modern cloud infrastructure and standard security practices to protect user information during transmission and storage. Security controls are applied to limit unauthorized access.
Users can access only their own account data. Account permissions and session handling are designed to reduce unauthorized access.
Users are responsible for safeguarding their login credentials and for ensuring that no patient-identifying or clinical information is uploaded to the platform.
If you believe you have identified a security vulnerability, please report it responsibly to: security@compassmed.app