Security Policy
Publish Date: May 11, 2022
We take the security of your data very seriously at Prism and aim to be as clear and open as we can about the way we handle security. If you have additional questions regarding security, we are happy to answer them. Please write to security@prism.bio and we will respond as quickly as we can.
Platform Controls
Public Cloud Infrastructure
Prism services are hosted over the Internet on a “Public Cloud”, meaning computing services that third-party providers offer to anyone who wants to use or purchase them. Like all cloud services, a public cloud service runs on remote servers that the provider manages.
Audits
Prism services undergo security assessments by internal personnel and external security firms who perform regular audits of the Prism services to verify that our security practices are sound and to monitor the Prism services for new vulnerabilities discovered by the security research community.
Compliance and Certifications
Prism is SOC2 certified and uses Vanta for continuous monitoring of Prism’s compliance and security posture.
Intrusion Detection
Prism, or an authorized external entity, will monitor the Prism services for unauthorized intrusions.
Security Logs
Systems used in the provision of the Prism services log information to their respective system log facilities or a centralized logging service (for network systems) in order to enable security reviews and analysis. Prism maintains an extensive centralized logging environment in the production environment which contains information pertaining to security, monitoring, availability, access and other metrics about the Prism services. These logs are analyzed for security events via automated monitoring software, overseen by the security team.
Incident Management
Prism maintains security incident management policies and procedures. Prism notifies impacted customers without undue delay of any unauthorized disclosure of their respective Customer Data by Prism or its agents of which Prism becomes aware to the extent permitted by law. Prism publishes system status information on the Prism Status Page. Prism typically notifies customers of significant system incidents via email, and for incidents lasting more than one hour, may invite impacted customers to join a conference call about the incident and Prism’s response.
Data Encryption
Prism services use industry-accepted encryption products to protect Customer Data (1) during transmissions between a customer's network and the Prism services; and (2) when at rest. Prism services support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit. We monitor the changing cryptographic landscape closely and work promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and to implement best practices as they evolve. For encryption in transit, we do this while also balancing the need for compatibility with older clients.
Reliability, Backup, and Business Continuity
We’re committed to making the Prism services highly available so that you can rely on them. Our infrastructure runs on systems that are fault-tolerant against failures of individual servers or even entire data centers. Industry standard best practices for reliability and backup helped shape the design of the Prism services. Prism performs regular backups, facilitates rollbacks of software and system changes when necessary, and replicates data as needed.
Customer Data is stored redundantly in multiple locations in our hosting provider’s data centers to ensure availability. We have well-tested backup and restoration procedures which allow recovery from a major disaster. Customer Data and our source code are automatically backed up. The operations team is alerted in the event of a failure in this system. Backups are fully tested at least every 365 days to confirm that our processes and tools work as expected.
Personnel Practices
Prism employees receive privacy and security training during onboarding as well as on an ongoing basis. All employees are required to read and sign our comprehensive information security policy covering the security, availability, and confidentiality of the Prism services.
Infrastructure
Prism uses infrastructure provided by Google Cloud to host or process Customer Data submitted to the Prism services. Information about security provided by Google Cloud is available from the Google Cloud Security website.