Empatica has implemented the following security protections around the E4 infrastructure (E4 wristband, E4 Manager / Empatica Realtime and Empatica Connect):
- Empatica Connect is hosted by Amazon Web Services (AWS) the global leader in cloud based solutions. AWS is ISO 27001 certified to comply with gold standard "security management best practices and comprehensive security controls" and SOC 3 certified to be protected against "unauthorized access, use, and modification".
- Empatica does not know the identity of individuals who's data is housed in Connect. No end-user personal data is allowed to be collected from individual study participants (accounts are associated with the researcher, not subject) so data is effectively anonymous.
- Data transmission between Empatica devices and smartphones as well as storage on the smartphones are protected through obscurity, data is stored in a custom binary format that can not be interpreted without our APIs.
- 128 Bit encrypted data transfer between our servers and applications (Empatica Connect, Empatica Manager, and Empatica Realtime, and mobile APIs)