FAQ: Study Data Protection


How will my data be protected?


Summary of Levels data storage practices

  • Levels uses a HIPAA-compliant cloud platform, Aptible, to manage our server and database infrastructure.
  • Aptible manages and audits security best practices, including ensuring that data is encrypted via AES-256 industry standards at rest and End-to-end Encryption in transit. Traffic is encrypted all the way from endpoints to app and database containers using strong Transport Layer Security (TLS) ciphers.
  • Databases are not publicly accessible, all access is controlled and audited, two-factor authentication is used for all devices, and backups are performed and encrypted at regular intervals. Internal Data access is strictly controlled. We maintain an audit log for administrator access.
Did this article answer your question? Thanks for the feedback! There was a problem submitting your feedback. Please try again later.