Privacy and Security
We work relentlessly to protect your data.
At NovaSignal, patient privacy and safety, information and data security are at the foundation of everything we do. Patient identifiable information is never propagated beyond the authorized clinical team. We adhere to all HIPAA standards and train all employees on safeguarding PHI.
Our comprehensive privacy and security protections cover compliance standards for cloud computing and storage, and communications. NovaSignal’s engineering team have extensive information and data security expertise. Several of our security engineers have led data security teams at Fortune 100 companies.
NovaGuide 2 Platform
The NovaGuideTM 2 Platform is a comprehensive, integrated solution designed to be seamlessly incorporated into clinical practice. The NovaGuide 2 Platform empowers physicians with critical, real-time information about cerebral blood flow to guide diagnosis and improve patient outcomes. The platform is comprised of the NovaGuide Intelligent Ultrasound system and NovaGuide View cloud-based SaaS application, as well as NovaKit exam essentials and NovaCare service and support.
NovaGuide 2 Intelligent Ultrasound
NovaGuide 2 Intelligent Ultrasound uses NovaSignal’s FDA-cleared, CE-marked robotic ultrasound technology. It is manufactured in a MDSAP and ISO 13485:2016 certified facility compliant to FDA Quality System Regulations (21 CFR 820).
NovaGuide’s software requires user-authentication to log in with role-based access for operations, from manual data entry, automatic query from an MWL server, and exam uploading of data to PACS and/or NovaGuide View application.
NovaGuide View is secure, encrypted, and reliable. NovaGuide View is designed by industry-leading security experts and features multiple layers of security to ensure exam data is transferred, stored, and viewed securely. Securely populated with data straight from NovaGuide, NovaGuide View delivers the full exam experience to help inform a diagnosis – including snapshots, videos with audio and reports.
Uploading exam data to NovaGuide View happens with a HTTPS TLS1.3 encrypted endpoint which can be defined securely in the Hospital IT firewall through defined inbound/outbound rules.
How NovaGuide View Works
Security & Compliance Controls
Key elements of NovaSignal’s end-to-end security and compliance controls include:
|Certification||NovaGuide View’s Private Cloud network invokes SOC2 Type 2 compliant services |
|Encryption||RSA 2048-asymmetric keys for signature and verification|
|Transportation||HTTPS using TLS v1.3|
|Authentication||Username and password using Google, Microsoft Azure, or application-specific single sign-on|
|Authorization||Hospital IT management provides specific upload/list/read/delete permissions to individual user accounts|
|Logging||User access is monitored and recorded in HIPAA-compliant logs, which are saved for 7 years|
|Residuals||Cookies are not stored by NovaGuide View on any local viewing device|
|Pen testing||Only authorized NovaGuide devices can upload an exam; full stack, end-to-end pen testing is performed to prevent man-in-the-middle attack|