Personnel security

Beakr maintains personnel security controls including background checks, security training, and access management for all team members.

Background checks

All Beakr employees undergo background checks prior to their start date. Background checks include identity verification, criminal history, and employment verification.

Security training

• All team members complete security awareness training upon hire and annually thereafter.
• Training covers: data handling, phishing awareness, incident reporting, access management, and HIPAA requirements.
• Engineers receive additional training on secure coding practices, RLS patterns, and infrastructure security.
• Training completion is tracked and documented for compliance reporting.

Access management

• Least privilege. Team members are granted the minimum access necessary for their role.
• MFA required. Multi-factor authentication is required for access to AWS, GitHub, and all production systems.
• Access reviews. Access permissions are reviewed periodically and upon role changes.
• Offboarding. Access is revoked immediately upon separation. Credentials are rotated for any shared systems.

Acceptable use

All team members agree to acceptable use policies covering the use of company systems, handling of customer data, and security responsibilities. Violations are addressed through the sanctions policy referenced in our HIPAA administrative safeguards.