Each of the current implementations of PopMedNet™ is hosted in a Federal Information Security Management Act (FISMA) compliant private cloud tier III data center. All communications from the portal are encrypted. Selected current and in-process security features include:

  • Strong passwords expire every 6 months and may not be reused
  • Automatic logoff after inactivity
  • Automated query results deletion
  • Audit of all system activity
  • DataMart Administrators notified of new users
  • Encrypted password storage
  • Use of cryptographically secure random values for session IDs
  • Secure distribution of DataMart Client software

See the System Security documentation on the PopMedNet Wiki for more details.