Transparent Image
Security & permissions

Security and compliance policies and permissions

Ensure compliance and manage security policies within your program.

Welkin’s security policies and procedures

Welkin takes security seriously. We’ve implemented a number of technical, administrative and physical safeguards designed to protect your data and ensure your program can meet healthcare security standards.

Video: Secure Platform >

Our compliance standards

Welkin Health has secured a SOC2 Type 2 certification and annually undergoes an independent third-party Service Organizational Controls (SOC) 2 Type 2 examination to ensure security, availability and confidentiality of customer data.

Welkin Health enables covered entities and their associates subject to the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) to use its secure environment to process, maintain and store protected health information.

Security policy types

Role Based

Create security policies for each user role in your care program. Every role can be configured with one or more security policies to ensure each user type is assigned the correct level of security needed. Fully customize each role’s visibility from different data set access, to menu items, to communication.

Attribute based

Security policies can be applied to all customizable objects. CRUD (Create, Read, Update, Delete) actions can be controlled for every field, giving an organization complete control over security access levels for the specific type of data and user.

Territory based

Define permissions based off territories and regions. Segmentation might include geography, office locations, care provider licensure, or any other type of segments that work for you. Information will only be accessible to those users who have been assigned to that territory.

API based

Another layer of access control can be defined by your API(s). APIs are assigned a specific role type with defined role settings and permissions. Any data entering via API will have clear limitations including read, write and change making abilities.

Added security features

Audit trail & security log

Use the time stamped audit trail to track who, when, and where user level changes were made. The security log allows you to view all actions taken on user profiles, including every security action that has taken place. Review an audit of automated activities to ensure your program is functioning as designed

Organizational security controls

For added security, your team can leverage MFA or SSO. Choose the method that works best for your team to protect your data.

  • Multi-Factor Authentication (MFA)
  • Single Sign-On (SSO)
  • Password characteristics