Login / Logout
Biometric authentication: After patients register and log in to UpPatient, they have the option to enable biometric authentication (fingerprint or facial recognition) to log in to the app going forward.
UpPatient automatically logs users out after a short period of inactivity and requires a password, fingerprint, or facial recognition scan to log back in.
Secure data storage
Because the patient data is saved on a server, and not on the device, there is no encryption required. The only data saved on the device is the session token.
Data stored on a server is encrypted ("encrypted at rest") and sensitive data (PHI) has an additional layer of encryption.
In the event that a non-authorized third party attempts to access sensitive data or files, they cannot view or interpret the data.
Explicit device permissions are required for the following when opening the downloaded app for the first time:
Camera: Mandatory for virtual video consults
Microphone: Mandatory for virtual consults that are initiated as audio only
Push notifications: Required for notifying the app user when their provider attempts to initiate a virtual consult or if a provider sends them a message.