Protect your research participant data
Ethnio stores all Customer data in AWS US West (Oregon), a SOC 2 Type 2 accredited data center and has SOC 2 Type 1 certification from A-LIGN.
You decide what data you retain or delete. Easily set options to automatically delete screener responses, scheduling emails, and incentive records from all account – only store data for the time it is needed. Read more about Ethnio’s GDPR commitment.
Two factor authentication (2FA)
Keep your data secure by adding an extra level of protection to user accounts. Require all memeber enter an authentication token prior to gaining access to Ethnio. Read more about 2FA.
Ethnio is fully compliant with TheCalifornia Consumer Privacy Act (CCPA), a new California privacy Law, where applicable. Many of our customers work hard on CCPA compliance, so it’s important that Ethnio supports that compliance by giving customers control of our platform and through our own terms and policies. Read more.
Single Sign-on (SSO)
Make signing in a breeze with SSO authentication. Get full access to Ethnio with one simple login. Ethnio supports most IdPs: from Okta, to OneLogin, and more. Read more about SSO.
Pentests & vulnerabilities
Ongoing penetration testing are performed, using the Cobalt platform, to ensure your data is safe and secure. This measures the security posture of a target system or environment and helps us scan for vulnerabilities through the year.
Physical security controls
AWS security includes a number of physical security features depending on the location, such as security guards, fencing, security feeds, intrusion detection technology, and other security measures.
Remote backups are performed regularly and stored in a different physical location from the main servers.
Full user access control
Define what users can see and do within your Ethnio account. Make sure data is safe from unauthorized users, even those within your organization – setting limits and permissions for billing, invoices, and incentives.
Ethnio fully supports HIPAA compliance, but no research tool or SaaS can ever be truly HIPAA compliant as it is not about the platform, but the users.
Ethnio’s security and privacy standards meet the highest tier for research software, including every component required for HIPAA compliance.
Security issues or questions?
If you have any questions or want to report a vulnerability, or if you suspect someone has violated Ethnio’s terms and conditions, please contact the Ethnio Security Team at firstname.lastname@example.org