Keeping Your Data Secure
We take the privacy and security of your data very seriously.
For server-based practices, the Aesthetic Neural Network is powered by the ANN bundleBOX, a piece of hardware that is shipped to you once you’ve joined. The box will plug directly into your server.
For Cloud-based practices, we connect to your data via an Application Programming Interface (or API) given by your software provider.
Either way, it’s important to note how secure our connection to your data is.
The ANN bundleBOX employs a read-only user that allows us to execute queries against your database. It is a Linux machine that relies on a standard username/ password for authentication.
However, neither the bundleBOX nor an API asks for any ePHI (Electronic Patient Health Information), does not store any ePHI, and the bundleBOX doesn’t even have the SQL (Structured Query Language) queries stored on it. When it “wakes up” to query, it “phones home” for its instructions, executes the query against the database, encrypts the results, and sends the data up to the Cloud. The upstream recipient is a purpose-built HITRUST certified Cloud, constructed and managed by Iron Medical Systems. All communications between the box and the ANN cloud are SHA256-encrypted inside of an ad hoc virtual private tunnel. That’s the highest level of security available.
In terms of privacy, we don’t actually need to de-identify your data, because we specifically do not request any identifiable data. We “query” for procedures on a particular date, but only for the coarse demographics of the patient (age group, gender) treated with that procedure. We do pull pricing information and, where available, endeavor to connect prior quotes to completed procedures for closing percentages. We pull all of your historical practice data during your initial onboarding process, then query weekly for changes and updates.
On the ANN community, all collective data is aggregated, meaning that your colleagues can’t identify you or your patients.