FAQ: Study Data Protection
How will my data be protected?
Summary of Levels data storage practices
- Levels uses a HIPAA-compliant cloud platform, Aptible, to manage our server and database infrastructure.
- Aptible manages and audits security best practices, including ensuring that data is encrypted via AES-256 industry standards at rest and End-to-end Encryption in transit. Traffic is encrypted all the way from endpoints to app and database containers using strong Transport Layer Security (TLS) ciphers.
- Databases are not publicly accessible, all access is controlled and audited, two-factor authentication is used for all devices, and backups are performed and encrypted at regular intervals. Internal Data access is strictly controlled. We maintain an audit log for administrator access.