Security Policy

Reporting Vulnerabilities

Please report security issues to: security@healthcare.com PGP Key: [Link to public key]

Response SLA

Acknowledgement: 24 hours
Patch timeline: 72 hours (critical), 7 days (high)
Public disclosure: 14 days after patch

Encryption Standards

Data at Rest: AES-256
Data in Transit: TLS 1.3+
Secrets: Vault-transit encrypted

Access Controls

RBAC Matrix:

Patient:
  - read_own_records
  - manage_appointments

Doctor:
  - read_patient_records
  - update_availability

Admin:
  - manage_users
  - audit_logs

Audit Processes

Monthly penetration tests
Quarterly security training
Annual HIPAA compliance audit
Real-time intrusion detection

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SECURITY.md

SECURITY.md

Security Policy

Reporting Vulnerabilities

Response SLA

Encryption Standards

Access Controls

Audit Processes

Files

SECURITY.md

Latest commit

History

SECURITY.md

File metadata and controls

Security Policy

Reporting Vulnerabilities

Response SLA

Encryption Standards

Access Controls

Audit Processes