Beam takes extensive steps to protect the security of your information, including using physical, technical, and administrative safeguards. Beam takes appropriate efforts to protect personal information stored on our Websites or App from unauthorized access using applicable security controls (such as firewalls) as well as carefully developed security procedures and practices.
It is important to note that no method of safeguarding information is 100% secure. We will make all efforts to ensure the protection of your personal information, however, we cannot guarantee that our safeguards will be fully effective or sufficient to prevent every single attempted breach of our security system.
Training for employees
We provide mandatory security and compliance training to all of our employees so they are better equipped to keep your data safe.
Secure email transmissions
Beam encrypts the data it sends using TLS, and customer data is encrypted using industry best encryption standards like AES-256 or shared with a secure file sharing service.
Beam uses cloud-based, third-party providers with high security and privacy standards that are HIPAA compliant.
3rd party security and redundancy
We ensure that all of our third-party vendors meet our security data protection standards before using them.
If we learn of a breach of our security system or processes, we may attempt to notify you electronically so that you can take appropriate protective steps. In the event of a breach, we may post a notice on the website or send you an email at the email address you provided.
Reporting Security Issues
If you believe you have found a security issue with one of our products or services, please report the issue to firstname.lastname@example.org. Do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data, especially in regards to customer Personal Health Information (PHI). Beam might take legal action against individuals who we discover as having infiltrated our systems or otherwise initiated a security breach. However, if the individual does so and then promptly notifies us without taking further action regarding the discovered bug/vulnerability/breach, we may offer a “safe haven” and not seek to take action against them.
It's helpful if you include your name and contact information with each report. If you would prefer to send your information securely, you can use PGP encryption to protect your report by using Beam’s Public PGP Key.
Please describe the issue in detail, including (for example): the date and time when the issue was first discovered, details needed to reproduce the issue, and a Proof of Concept. Screenshots and videos can also be useful. We will attempt to respond to your report within 10 business days.
We take these reports seriously, so we ask that you keep your findings confidential. Any publication of your findings prior to remediation of the issue may put personal information at risk.