Lucena HealthLucena Health

Privacy & Security

At Lucena Health, we prioritize the privacy and security of patient and user data across all our products, including the LUNA Avatar Kiosk and the Student Enrollment application.

Data Encryption

All data transmitted and stored by Lucena Health products is heavily encrypted.

  • Data in Transit: All communications between client applications (LUNA kiosks, Student Enrollment web portals) and our servers are encrypted using TLS 1.3 to ensure data remains secure while traveling over networks.
  • Data at Rest: All databases and storage volumes are encrypted at rest using industry-standard AES-256 encryption.

HIPAA-Adjacent Patient Data Handling

We adhere to strict standards for handling patient and sensitive personal data across our applications:

  • Minimal Data Retention: We only collect and store data that is strictly necessary for the functioning of our applications.
  • Access Controls: Strict Role-Based Access Control (RBAC) ensures that only authorized personnel have access to patient data, and all access is logged and audited.
  • Student Enrollment: Personal and medical information collected during the student enrollment process is stored in compliance with relevant health and education data protection regulations.
  • LUNA Avatar: LUNA interactions are processed securely. Patient interactions, health-related inquiries, and triage data are treated with the highest level of confidentiality, mimicking HIPAA requirements.

Auto-Logout and Kiosk Mode Security

The LUNA Avatar Kiosk operates in high-traffic public areas, requiring specialized security measures to protect user privacy:

  • Auto-Logout: The kiosk features a strict auto-logout mechanism. If no interaction is detected for a short, predefined period, the current session is automatically and irreversibly terminated to prevent unauthorized access by the next user.
  • Stateless Sessions: Kiosk sessions are designed to be as stateless as possible. Local caching of sensitive information is disabled, and session data is cleared upon termination.
  • Secure Kiosk Mode: The hardware runs in a locked-down environment, preventing users from accessing the underlying operating system, installing external software, or navigating away from the secure LUNA application.