Server-Side

• Existing Firewall and Network Security: The eLYMPUS server utilizes an established firewall security.
• Role-based Access: Role-based access rules manage the flow of specific information to only those users with authorization.
• Authorization: Users must be authorized by the hospital and then authenticated by eLYMPUS before accessing their patients' data.

Client-Side

• Authentication: Freedom users must be authenticated to access data, which is achieved through user registration and the use of secure passwords.
• Personal Identification Number (PIN): A PIN is assigned to each user and is required upon each login. A PIN login is required if Freedom is dormant for more than one hour (site-configurable), and when the "lock & exit" function is activated.
• Data Expiration: After seven days of non-use (site-configurable), where the user has not synchronized the device, all data is purged until the user syncs and logs in using their PIN.
• User Lockout: After five unsuccessful PIN login attempts (site-configurable), the user's account is disabled and data is purged until the user is re-authorized by the I.T. department.

From the hospital's network to the mobile device or desktop computer

• patient data is secured by 128-bit encryption.
• Clinical data and patient identifiers are stored separately and only become decrypted and merged when data actually becomes visible on the smartphone screen.
• Smartphones are prevented from "beaming" protected data to other mobile users.