Protecting patient and provider data.
This page is maintained by TeQuaidas Diagnostics to summarize the security and privacy controls in place on tequaidasdiagnostics.com. It describes app-visible controls and current practices — it is not an independent certification or audit report.
The safeguards behind every visit.
Role-based access
Every account is assigned a role — patient, provider, or admin — stored in a dedicated roles table. Application features and data queries gate on that role at the database layer.
Row-level data isolation
Patient records, lab results, orders, and uploads are protected by row-level security policies. Signed-in users can only read or write rows they are explicitly authorized to access.
Encryption in transit
All traffic to tequaidasdiagnostics.com is served over HTTPS/TLS, including portal logins, file uploads, and API calls. Stripe Checkout handles all card data directly.
Signed file links
Lab results, requisitions, and provider uploads are stored in private buckets. Files are delivered through short-lived signed URLs scoped to the requesting user.
Privileged function lockdown
Administrative database functions live in a private schema with execute restricted to the intended roles, so role-check logic cannot be invoked by ordinary users.
Audit logging
Administrative access to patient uploads is recorded with the actor, file, and timestamp so we can review who accessed what, and when.
What we collect and how we use it.
We collect only what's needed to schedule visits, route specimens, and deliver results to you and your clinicians. Payment details are handled directly by Stripe and never stored on our servers.
For full detail on categories of data, retention, and your rights, see our Website Privacy Policy.
Continuous review
We run automated security checks against the platform on an ongoing basis — covering database access policies, dependency vulnerabilities, and integration credentials — and remediate findings as part of normal operations.
Shared responsibility
Customers and providers play a role too: use a strong unique password, keep your sign-in email secure, and notify us promptly if you suspect an account has been compromised.
See something off? Tell us.
If you believe you've found a security or privacy issue affecting our website or services, please contact us so we can investigate.