The privacy and security of your and your patients’ personal information is our highest priority.
The following page describes the Quentry security features we have within our software as well as the organizational policies Brainlab has in place to ensure the confidentiality of your personal information and all Protected Health Information (PHI) of your patients.
Select a security area on the right to get more details.
Quentry offers the option to upload and share de-identified patient information by choosing an “Anonymization” option when uploading data. When this option is selected, users are reminded to remove visible patient information from the DICOM dataset before uploading.
Quentry is a password-protected platform, which prohibits profile and group information from appearing on Internet search engines. Users and groups may choose to prevent their contact information from being visible to other Quentry users.
As a secure image storage platform, images, attached documents, and comments are only viewable by the individual user and those contacts that have been granted access to the specific patient folder.
Quentry users are able to define specific data handling permissions for each contact with whom they share patient data. Users define permissions for tasks including viewing, downloading, and uploading additional medical data.
Quentry offers secure online storage. All user-generated data is stored on servers that are located in secured facilities with 24/7/365 surveillance. Quentry utilizes data centers which are ISO 27001, SOC 1/SSAE 16/ISAE 3402 (formerly SAS70), and FISMA certified and accredited.
Quentry file data is stored within Amazon Web Services AWS (S3), a robust storage service designed for 99.999999999% durability.
Quentry encrypts patient data during upload and download, as well as throughout the entire storage period.
Quentry employs the SSL/TLS data transmission protocol. The supported protocol versions and signature algorithms are frequently monitored and tested. Client handshakes with insecure or deprecated protocol versions are blocked by the Quentry platform. All files stored within Quentry are encrypted using the AES symmetric-key encryption standard with a 256-bit key. The underlying Quentry.com certificate is issued by GlobalSign.
Quentry user passwords must be a minimum of 8 alphanumeric characters, contain a mix of upper-case and lower-case letters, at least one numeral, and are case sensitive.
Brainlab is committed to complying with applicable rules and regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH) through the implementation of stringent privacy and security policies and procedures.
Brainlab has defined the following roles and responsibilities and has measures in place to meet or exceed HIPAA compliance:
Sensitive patient data should remain secure and never fall into the wrong hands.
We have gone to great lengths to ensure a high level of security is built into Quentry, to minimize the risk of outside threats.
A recent security assessment conducted by Intel® McAfee evaluated exposure to known security vulnerabilities to determine the extent to which these services are susceptible to an attack or penetration from the Internet.
The test concluded that Quentry is subject to a low risk of attack and received a Grade A (highly secure) rating.
See Affirmation Letter from Intel for more details.