Employee Security practices

Owned by Ben Derr
Last updated: Feb 28, 2024 by Howard Look
1 min read

All Tidepool employees undergo annual HIPAA security audits of all computers, accounts and mobile devices used for work purposes.

Search this space

Tidepool employees are educated yearly and on a continuing basis regarding security practices and information security risks, to include:

  • Incident response and how to report issues when bad things happen

  • Mobile device security

  • Email security and phishing

Tidepool employees are required to use unique, strong passwords and to maintain their passwords in an approved password manager .

All Tidepool employees are required to use 2-factor authentication for all Tidepool accounts and critical accounts are secured with hardware tokens.

All Tidepool employees are required to use screen and account locking for computers, filesystem encryption for all compute devices, and to have strong passwords and encryption enabled for their mobile devices that access Tidepool accounts

All Tidepool employees are required to use multi-factor authentication, 2-factor authentication, or SSO for all capable services.

See https://tidepool.atlassian.net/wiki/spaces/PUBSEC/pages/2147615148 for additional details.

 

The content of the Tidepool Technical Documentation is licensed under a Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication.