Security Overview & Infrastructure

Security at Lime Health AI

Security is foundational to everything we build at Lime Health AI. As a healthcare technology company handling protected health information, we maintain comprehensive security practices that meet or exceed industry standards.

Infrastructure Security

Our platform is hosted on secure, HIPAA-compliant cloud infrastructure with enterprise-grade security controls. We leverage the security capabilities of our cloud providers while implementing additional layers of protection specific to our healthcare use case.

Data Encryption

All data is encrypted both in transit and at rest. We use TLS 1.2+ for data in transit and AES-256 encryption for data at rest. Encryption keys are managed through dedicated key management systems with regular rotation.

Access Control

We implement role-based access control (RBAC) throughout our platform. Access to PHI is limited to authorized personnel on a need-to-know basis. All access is logged and regularly reviewed.

Application Security

Our development practices include security code reviews, automated vulnerability scanning, dependency monitoring, and regular penetration testing by independent security firms.

Monitoring and Incident Response

We maintain 24/7 security monitoring with automated alerting for suspicious activity. Our incident response plan defines clear procedures for identifying, containing, and remediating security incidents.

Vendor Management

All third-party vendors with access to our systems or data undergo security assessment. Vendors handling PHI are required to sign Business Associate Agreements and demonstrate HIPAA compliance.

Employee Security

All employees undergo background checks and receive security training. Access to production systems requires multi-factor authentication and is granted based on the principle of least privilege.

Contact

For security inquiries or to report a vulnerability, please contact security@getlimeai.com.