Using PeekMed web is straightforward and does not necessitate any extra software beyond an updated web browser. It is important to take responsibility for the security of your own computer. In the following section, you will find essential recommendations for maintaining security while using PeekMed web. Ensuring a secure and safe experience with PeekMed web requires your active participation. Should a cybersecurity vulnerability or security event occur, you will receive notifications detailing the issue and any recommended actions based on its severity and potential impact. If you suspect a vulnerability or incident related to PeekMed web, please report it to us as outlined in the Technical Support section. For an effective investigation to commence, we kindly ask you to provide the following information:
- Contact details (name and address of the site, contact person name, function, phone number and email address);
- Version of PeekMed web;
- Date and time of the potential incident;
- Any error message that has appeared;
- Any action made by you before and after the security vulnerability was suspected;
- Any other event or source from which the security vulnerability is suspected to come from;
- Any additional information you judge necessary to understand and investigate the event.
In our ongoing effort to promote transparency and enhance cybersecurity, we provide a comprehensive Software Bill of Materials (SBOM) that details the components and dependencies of our software. This document is available upon request, allowing all authorized users to effectively evaluate the security measures in place. Users can obtain the SBOM in either a human-readable or machine-readable format, free of charge. To request your SBOM, please reach out to us at support@peekmed.com.
User Credentials
To access any data or resources within PeekMed web, it is essential to log in using your unique account. Please remember that your account and credentials are personal and should not be shared with others to maintain the security of your information.
To ensure your account is secure and your password meets our requirements, please create a password that is at least 10 characters long and includes at least one uppercase letter, one lowercase letter, and one number. We highly recommend enabling multi-factor authentication, which adds an extra layer of security by verifying your identity through an email sent to your registered address or via an authenticator app during the login process. It's important to note that PeekMed employees do not have access to your password and will never ask you for it. Stay vigilant against scams and phishing attempts; if you encounter any suspicious activity, please reach out to us immediately at regulatory@peekmed.com.
User Environment and Access
PeekMed web utilizes the HTTPS protocol to facilitate secure communication between your web browser and the software’s server. This protocol encrypts all data transmitted, thereby safeguarding the confidentiality and integrity of your information. To enhance your security experience, it is advisable to use a browser that automatically updates. Additionally, we encourage you to adhere to established best practices for online security:
- Apply security updates to your computer as soon as they are available;
- Use antivirus and anti-malware software on your computer;
- Activate the firewall on your computer;
- Use only the following address to access the application: https://app.peekmed.com/, being be careful with the imitation of the website and PeekMed web: verify the URLs you are connecting to;
- Make sure that the connection uses HTTPS protocol to access the software since PeekMed only permits the connection to our servers using an HTTPS connection.
- Log out from the software after each use;
- Don’t diffuse any information, especially about the application’s access and patient data on social networks;
- Separate personal and professional uses;
- Avoid public or unknown Wi-Fi networks.
PeekMed web temporarily saves information on your computer to enhance your experience while using the web application. We utilize a trusted certificate authority to ensure that HTTPS is enabled for secure communication. If you encounter a warning about an untrusted certificate while using PeekMed web, please close your browser immediately and reach out to us at regulatory@peekmed.com. To prioritize your security, PeekMed web actively monitors your connection to the software. Our security measures include:
- Bot protection: Identify if an autonomous program is forcing the login on the software. When triggered, an additional captcha is required on login;
- Brute-force protection: identifies if an attacker makes multiple attempts to guess credentials. When triggered, your account is blocked for one hour.
Servers
PeekMed web is hosted in a secure data center that is certified for handling Patient Health Information (PHI) and complies with HIPAA regulations. The servers are set up in a controlled environment that meets all applicable standards for this type of sensitive information. To further ensure the security of data transfers, we utilize the HTTPS protocol for all connections. It's important to note that the responsibility for server security and data retention lies with the manufacturer. Users have the right to request the deletion of patient data from the application’s server, as detailed in the Technical Support section.
Data exchange matrix
The table below provides an overview of the device functions that necessitate communication with the network. It includes detailed information regarding the endpoints, ports, and protocols utilized for each specific feature, enabling a clear understanding of the data exchange processes involved.
