Security & trust

Overview

Synexi is built for healthcare volunteer coordination. We use industry-standard practices for hosting, transport encryption, access control, and account security. This page summarizes our approach; it is not a legal contract and does not replace your own compliance program, privacy assessments, or agreements with your institution.

Encryption & infrastructure

Traffic to the service uses HTTPS. Data is stored with managed cloud providers using encryption at rest as offered by those platforms. Payment card data is handled by Stripe; we do not store full card numbers on our servers.

Accounts & access

Role-based access separates students, organization users, and administrators. You are responsible for safeguarding passwords and who you invite to your organization workspace. Report suspected unauthorized access using the contact below.

Health information & HIPAA

Whether HIPAA or similar rules apply depends on how you use the platform, what data you enter, and your relationship with covered entities. Synexi does not provide clinical care. Organizations should consult qualified counsel and enter into appropriate agreements (for example, BAAs) where required before putting regulated health information in any software.

Reporting issues

If you discover a security vulnerability, please contact us with details so we can investigate. Do not perform testing that could harm other users or violate law.

• logan@synexi.org
• Phone: 469-900-5128

Related

See also our Privacy Policy and Terms of Service.