Data Security and Compliance

    We’re Invested in Protecting your Data

    The Sparta Science platform is architected with rigorous data, security, and privacy standards.

    Security-Privacy

    Trust and Security

    Security is built into every component of our platform and our information security team continually monitors and adapts to a changing threat landscape. Our processes align with the most rigorous industry standards and certifications, including those listed below.

    purple-radial-gradient-background
    Information Security

    Protecting Data and Systems

    Our Movement Health Platform is hosted on AWS cloud platform. The consumer-facing application and programming interfaces (API) are protected with industry-standard SSL certificates with TLS 1.2+ protocol connection enforced. All communication between MHP components is encrypted. Additionally, the database is protected with encryption.

    All cloud storage is encrypted with strong encryption algorithms, and all data transfers are encrypted. The Sparta Cloud infrastructure isolates application tiers, with strict, centralized user and information access management and auditing.

    Sparta Science logs all operations performed on the application, and we use SIEM for proactive threat monitoring and alerting. Our team performs continuous application code and host vulnerability scans, periodic network vulnerability scans, periodic system patching, as well as periodic mandatory penetration testing. In doing so, we aim to comply with information security regulations imposed by the Health Insurance Portability and Accountability Act (HIPAA), NIST SP 800-53 rev.4, and NIST 800-171 publications.

    The platform is compliant with the HECVAT requirements, which makes it available for educational institutions. Sparta Science also uses Voluntary Product Accessibility Template (VPAT) to evaluate its MHP accessibility rating.

    As a necessary part of its engagement with the U.S. government, Sparta Science is actively working towards achieving Information Level (IL) 4 and FedRAMP Moderate accreditation for MHP.

    Partner Trust

    Sparta Science has implemented a sophisticated vendor management program to ensure partners adhere to strict security protocols.

    Organization
    Organization-Wide Compliance

    We maintain comprehensive information security and privacy policies across the organization.

    Awareness
    Awareness and Training

    The Sparta Science team regularly performs cyber-security awareness and data privacy training. 

    Recovery
    Emergency Recovery Plan

    A well-defined business continuity plan and disaster recovery plan is in place and continually reviewed.

    Compliance
    TAA Compliant and FDA Compliant

    We are internally implementing TAA and FDA compliance protocols.

    Data Privacy and Confidentiality 

    Sparta Science maintains a rigorous Privacy Policy. We protect consumer information using the most advanced data encryption and data safety technologies and ensure minimal collection and use of personal information. We implement sophisticated security programs to protect our network and databases from unauthorized access and data leaks. We respect consumers' rights to the ownership of all information we collect about them.

    We do not sell consumer information to third parties for any purpose. Sparta Science honors consumer requests to delete their data, stop the processing of their data, or perform data export. We aim to comply with industry-recognized data privacy programs, such as California Consumer Privacy Act (CCPA). Contact info@spartascience for more information.

    seafoam-radial-gradient
    0-PlatformArchitecture
    Platform Architecture

    Take a Look Under the Hood

    The Sparta Science platform enables a systematic, data-driven approach to assessing and understanding organizational Movement Health. Built to leverage generated and ingested Movement Health data, it delivers novel insights in real time and gets smarter over time.