Security

Tally Medicare takes the security of your data and our platform seriously. This page summarizes the practices and measures we use to protect your information and our systems.

Data Protection

We use encryption in transit (TLS) and at rest where applicable. Access to production systems and customer data is restricted to authorized personnel and is logged. We follow industry-standard practices for securing databases, APIs, and application code.

Authentication and Access

We support secure authentication, including multi-factor authentication (MFA) where available. You are responsible for protecting your credentials and for enabling MFA when offered. We do not store passwords in plain text and use secure protocols for authentication flows.

Infrastructure and Hosting

Our services run on infrastructure designed for security and availability. We work with providers that comply with relevant standards and we configure networks and access controls to limit exposure and support monitoring.

Monitoring and Incident Response

We monitor our systems for suspicious activity and have procedures to respond to security incidents. If we become aware of a breach that affects your data, we will notify you and relevant authorities as required by law.

Your Role

You can help keep your account secure by using a strong password, enabling MFA, and not sharing credentials. Report any suspected security issue to us promptly so we can investigate.

Reporting Security Concerns

If you believe you have found a security vulnerability or have a security concern, please report it to us via the contact information on our website or through your account. We ask that you do not disclose the issue publicly until we have had a chance to address it.