The Clarius security architecture comprises of three main parts: the Scanner, the App and Clarius Cloud. To see where Personal Health Information (PHI) is stored and transferred, please find the following information below.
The Scanner does not store PHI. During the scanning process, the image is streamed from the Scanner to the App on the smart device using a specialized wireless protocol.
The user can choose to enter patient data on the App, which is then associated with the images. The App temporarily stores the images and patient information in a private, encrypted storage space on the smart device's operating system (OS).
On Apple devices this storage space is encrypted natively by iOS. On Android devices this storage space is segregated from other apps on the device and from the user. However, rooting the device may break this Android-enforced protection. It is strongly recommended, when using Android devices, that users do not use rooted devices and that they enable hard drive encryption. Once the App successfully stores the image remotely (i.e. to the Clarius Cloud) the PHI information is deleted from the device.
Completed examinations are pushed to Clarius Cloud for long-term storage. Patient information are stored and encrypted in the server's database. The region of AWS cloud servers that Clarius uses globally are as follows:
When end users want to store their PHI on their own servers, they can select the DICOM option. After images are sent through DICOM, security is on the onus of the user.