Security

Last updated: September 6, 2025

Your data security is our top priority. We implement comprehensive security measures to protect your information and ensure the integrity of our platform.

Enterprise-Grade Security

We maintain the highest security standards with enterprise-grade infrastructure, encryption, and monitoring to protect your professional information.

Security Features

Data Encryption

All data is encrypted in transit with TLS 1.3 and at rest with industry-standard AES-256 encryption. Your information is protected with the same level of security used by major financial institutions.

Access Control

Multi-factor authentication and role-based access controls protect your account. Advanced authentication systems ensure only authorized users can access your data.

Privacy First

We collect only necessary data and never process Protected Health Information (PHI). Our platform is built on privacy-by-design principles.

Secure Infrastructure

Built on enterprise-grade cloud infrastructure with automated security monitoring, DDoS protection, and 24/7 threat detection systems.

Data Encryption

Encryption in Transit

  • All data transmission uses TLS 1.3 encryption
  • API communications are secured with HTTPS
  • Database connections use encrypted channels
  • Third-party integrations require secure protocols

Encryption at Rest

  • AES-256 encryption for all stored data
  • Encrypted database storage with secure key management
  • Regular key rotation policies and secure key storage
  • Encrypted backups and disaster recovery systems

Authentication & Access Control

Enterprise Authentication

We use Supabase's enterprise-grade authentication system, which provides:

  • Multi-factor authentication (MFA) for enhanced security
  • OAuth integration with trusted providers (Google, Microsoft)
  • Session management and automatic timeout controls
  • Password strength requirements and complexity validation
  • Account lockout protection against brute-force attacks

Row-Level Security (RLS)

Our database implements Row-Level Security policies to ensure:

  • Users can only access their own data and authorized resources
  • Role-based data access controls following the principle of least privilege
  • Automatic data isolation between organizations and users
  • Granular permission management for different user types

Infrastructure Security

Cloud Security

  • Hosted on SOC 2 Type II certified infrastructure
  • Distributed denial-of-service (DDoS) protection
  • Web application firewall (WAF) for advanced threat protection
  • Automated security scanning and vulnerability management
  • Regular penetration testing and security assessments

Network Security

  • Private network isolation with secure network architecture
  • IP whitelisting capabilities for enhanced access control
  • Intrusion detection and prevention systems
  • 24/7 security monitoring and incident response

Compliance & Certifications

Our security measures are designed to meet or exceed:

  • SOC 2 Type II standards for security, availability, and confidentiality
  • ISO 27001 information security management frameworks
  • GDPR requirements for European data protection
  • CCPA compliance for California privacy rights
  • Healthcare industry best practices and security standards

User Security Best Practices

To help keep your account secure, we recommend:

  • Using strong, unique passwords for your account
  • Enabling multi-factor authentication when available
  • Regularly reviewing your account activity and login history
  • Keeping your browser and devices updated with the latest security patches
  • Reporting suspicious activity immediately to our security team

Security Contact

If you have security concerns or wish to report a vulnerability, please contact us:

Email: security@tendralhealth.com
Address: Tendral Health LLC, 123 Market Street, Suite 500, Bozeman, Montana 59715