Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

Sumo Logic is used to capture, monitor, and analyze server-side logs.

Rollbar is used to capture, monitor and analyze client-side logs.

Crashlytics is used to capture crash reports from mobile clients.

Tidepool maintains a Business Associate Agreement for HIPAA compliance with both SumoLogic and Rollbar for handling of PHI.

Sumo Logic Application service logs and analysis are available to six employees who maintain Tidepool's infrastructure. Rollbar logs are available to all developers.

Monitoring, audit controls, and system activity review is documented and complies with 45 CFR 164.308(a)(5)(ii)(C)45 CFR 164.312(b), and 45 CFR 164.308(a)(1)(ii)(D).

Tidepool implements administrative safeguards compliant with 45 CFR 164.308(a)(1) and has addressable safeguards compliant with 45 CFR 164.308(a)(3).

All application logs are stored on encrypted filesystems in Virtual Private Clouds (VPC) as described in https://tidepool.atlassian.net/wiki/spaces/TTD/pages/712212560/System+Architecture. Access logs to instances containing PHI are maintained via operating system logging mechanisms.

At this time, Tidepool retains operation logging and audit trails indefinitely.

  • No labels

The content of the Tidepool Technical Documentation is licensed under a Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication.