Security
Enhance Patient & Provider Engagement - Safely and Securely
The Synzi platform is HIPAA compliant and operates in a HITRUST certified environment, ensuring the security of our technology today while future-proofing our solution to meet growing customer needs.
Download the Clear DATA Case Study

Secure Communications: Protected Engagement
Our exclusive focus on healthcare, along with our commitment to meeting the industry’s stringent regulations, truly sets Synzi apart from other solutions. Your communications and connections with colleagues and patients are protected when using Synzi.
Data Protection and Encryption
Data Protection and Encryption
Your messages, images, and information in Synzi’s platform are classified as sensitive. With Synzi, your data is 256-bit AES encrypted at rest on both the device and the server as well as encrypted in-transit using TLS 256-bit AES. Only authorized users (as deemed by your organization) are allowed access.
Cloud Platform
Cloud Platform
Synzi uses the ClearDATA Cloud Platform which combines DevOps automation, security safeguards, and compliance expertise with the most comprehensive Business Associates Agreement (BAA) in the industry. This ensures health IT organizations, and the technology providers supporting them, are adhering to the highest standards of privacy, security, and compliance. ClearDATA is designed to work with multiple public clouds and protects sensitive healthcare data by leveraging purpose-built compliance safeguards, deployment automation, and healthcare expertise. As a result, your healthcare compliance and data security needs are solved.
HITRUST Certified
Data Protection and Encryption
In 2014, ClearDATA successfully achieved Common Security Framework (CSF) Certified status from the Health Information Trust Alliance (HITRUST). This independent, third-party certification assures you that ClearDATA’s cloud computing, backup, disaster-recovery and professional services meet the highest standards for managing security risks and protecting health information. In 2018, ClearDATA became the first healthcare-exclusive cloud provider to achieve HITRUST 9.1 certification on all three of the major cloud platforms: AWS, Azure, and GCP. CSF certification underscores ClearDATA’s continuing commitment to meet and exceed the global healthcare industry’s stringent data privacy and security regulations, including HIPAA, GxP, and GDPR, providing the highest levels of protection against data breaches and malicious cybercrime.
Security Disclosure: Protected Access
Many healthcare organizations trust Synzi’s messaging and video platform and are confident that patient-provider and provider-provider communications remain private and secure. Please see the Synzi privacy policy and user agreements for more information.
Admin Console
A dedicated admin console gives your IT department and personnel managers the flexibility to control access and more. Easily add, remove or investigate users through an admin panel.
Always Reliable
Synzi utilizes multiple secure data centers to mitigate the impact of network outages and natural disasters to ensure connectivity is available at all times.
Regular Testing
The Synzi platform and supporting infrastructure is regularly audited, tested, and validated by vulnerability scans and penetration tests.
Auditable
Available user reports allow authorized administrators to review and monitor staff and patient activity, on-demand.
Industry Certified
Synzi's core vendors are thoroughly vetted, monitored, and assessed. Our partners maintain industry-standard certifications and attestations, including, ISO 27001, SOC 2 Type II, and HITRUST.
Physical Security
Synzi relies on state of the art cloud data centers that provide full-time on-site security personnel, 24/7/365 video surveillance, strict physical access controls and detailed visitor entry logs.
Security Disclosure: Protected at all Levels
Synzi maintains the highest standards for security at every level to keep patient and provider data private and safe.
- Data is segmented at the network and data store level within Synzi; under no circumstances will it be available to users who have not been explicitly authorized to a network or data segment.
- Administrators are able to revoke access to individual users.
- Administrators can set password expiration schedules and require passcodes.
- Users are required to create strong passwords based on industry standard recommendations.
- All connections are TLS AES 256-bit encrypted, in-transit and at rest.
- A service oriented architecture allows us to isolate our components and compartmentalize permissions between them.
- We perform regular penetration testing using the same tools malicious hackers use, so that new vulnerabilities are assessed and addressed as they are discovered.
- Critical security updates for third-party components are performed within 24 hours of availability.
- Synzi’s cloud data centers provide state of the art physical security to our clients. With ISO 27001 certification and regular SOC audits, our cloud provider is trusted by Fortune 500 companies, government agencies and NGOs.
- Multiple Availability Zones are used for a high degree of physical redundancy, mitigating the impact of infrastructure disruptions.
START THE CONVERSATION WITH SYNZI
Learn how your staff can use Synzi’s HIPAA-compliant virtual care communication platform to engage patients, drive adherence, and improve outcomes.