Security & Compliance

Your data security and privacy are our highest priority

HIPAA Compliance

Humanome.AI is fully HIPAA compliant with Business Associate Agreement (BAA) available for all organizations handling Protected Health Information (PHI).

Compliant Features:

  • Secure patient data encryption (AES-256)
  • Access controls and authentication (MFA)
  • Comprehensive audit logging
  • Data breach notification protocols
  • Regular security assessments

For BAA inquiries, contact: compliance@humanome.ai

SOC 2 Alignment

Humanome.AI is aligned with SOC 2 standards for security and availability. Our infrastructure and processes follow the Trust Service Criteria.

Key Areas of Alignment:

  • Security (CC): Information security policies, procedures, and controls
  • Availability (A): System availability and performance management
  • Confidentiality (C): Protection of confidential information

Data Encryption

In Transit

  • TLS 1.3 encryption
  • End-to-end encryption
  • Certificate pinning

At Rest

  • AES-256 encryption
  • Database-level encryption
  • Key management services

Access Controls

Authentication

  • Multi-factor authentication (MFA) available
  • SSO/SAML support for Enterprise plans
  • Secure password policies

Authorization

  • Role-based access control (RBAC)
  • Granular permission management
  • Principle of least privilege

Audit Logging

  • All access logged with timestamps
  • User activity tracking
  • Data access records for compliance

Data Privacy & GDPR

Humanome.AI respects privacy rights and complies with global data protection regulations.

Data Processing

We process only what is necessary for variant analysis

Data Retention

Configurable retention policies based on your needs

Data Subject Rights

Access, correction, deletion, and portability rights supported

Data Processors

DPA available for organizations requiring formal agreements

Incident Response

We maintain a comprehensive incident response plan to address any security issues promptly.

Detection

24/7 monitoring and intrusion detection systems

Response

Immediate investigation and containment procedures

Notification

Timely notification to affected parties as required
