.. include:: ../variables.rst .. _hosted: Frequently Asked Questions ========================== This page collects the questions we are asked most often. If your question is not here — or an answer below raises a follow-up — email |SUPPORTEMAIL| or :ref:`open a support ticket` from inside |APPNAME|. Hosting and Data Residency -------------------------- **Q: Where is our compliance data stored when we choose the hosted option?** All data is stored in **Canada**. That includes the instance of |APPNAME| itself, local backups, and the offsite backups to our private cloud. Data never leaves Canadian soil. **Q: What would our URL for accessing the platform be?** Your URL is of the form ``siteid.cphs.cloud``, where ``siteid`` is a short abbreviation of your organisation's name. For example, Hope Memorial Hospital is reached at ``https://hmm.cphs.cloud``. If you are not sure what your site ID is, email |SUPPORTEMAIL|. **Q: Is there an additional cost for the hosted solution?** No — the hosted and on-premise versions of |APPNAME| cost the same. You pay for the functionality, not the hosting model. **Q: How long is our data retained?** All audit data is retained for the life of your |APPNAME| subscription. If you cancel, we provide a one-time export of your data in CSV and XML form and keep a single archive copy for 90 days as a safety net before it is permanently deleted. Security -------- **Q: Is the web interface secure?** Yes. We use Let's Encrypt domain-validated certificates for encryption, and certificates are rotated every 90 days. All traffic between your browser and the |APPNAME| server is encrypted with TLS 1.2 or higher. **Q: Do you still require a VPN for access into our facility?** No, we do not. If your organisation already runs a VPN specifically for |APPNAME| access, the associated account can be removed at your convenience. **Q: Does** |APPNAME| **store patient names, IDs, or any other patient identifiers in its database?** No. |APPNAME| does not collect or store any patient identifiers. The system tracks observations of hand hygiene events at the level of facility, unit, and health care provider category — no individual patient information is captured. **Q: How do you protect user passwords in** |APPNAME| **?** User passwords are stored using an SHA-256 HMAC function. Passwords are never stored or transferred in clear text. **Q: Does** |APPNAME| **support two-factor authentication?** Yes. Any user can enable time-based one-time passwords (TOTP) from their profile; any standard authenticator app works. See :ref:`Two-Factor Authentication`. Reliability ----------- **Q: Do you monitor system performance and uptime?** Yes. We use an uptime monitoring system that alerts us by email and/or SMS if any of the servers are experiencing issues. We track both platform uptime and page-response times. **Q: Do you back up data in the event of an outage or hardware failure?** Yes. For the full backup strategy, :ref:`click here`. **Q: What is your service-level target?** |APPNAME| targets 99.9% uptime measured on a monthly basis. Any planned maintenance is scheduled ahead of time and announced to the |APPNAME| administrator on the account. Auditing and the cp2go App -------------------------- **Q: Which devices does** |AUDITSOFTWARE| **run on?** |AUDITSOFTWARE| is available as a native application for iPad, iPhone, Android phones and tablets, and Windows desktops. It also runs as a :ref:`progressive web app` in any modern browser, and as a web-based auditing screen inside |APPNAME| itself. See :ref:`auditingsoftware` for the full matrix. **Q: Can auditors work offline?** Yes. Both the native apps and the PWA keep working when there is no network. Observations are stored on the device and uploaded automatically the next time it is online. **Q: How do new auditors get added?** A |APPNAME| administrator creates a user account with the Auditor role on the appropriate facility, and the new auditor receives a welcome email with their sign-in details. There is no licence charge per auditor. Reporting --------- **Q: We have a report we use internally — can you add it to** |APPNAME| **?** Yes, very likely. If there is no matching report in |APPNAME| already, we will review the request and add it where it fits the broader platform. See :ref:`report.policy` for details on how new report requests are handled. **Q: How often are reports refreshed?** Every report definition is refreshed automatically once a day, generally just after midnight. You can also run a refresh by hand at any time from the row menu on the Reports page. **Q: Can I export compliance data for use in other tools?** Yes. Every report supports CSV and Excel output, and the |APPNAME| REST API exposes the underlying compliance figures for programmatic use. **Q: Why is a distribution list marked "No-Go"?** A distribution list only sends when it has at least one recipient, at least one report, and no stale reports. A "No-Go" badge on the list means one of those three conditions is not met; the hint text on the badge tells you which. See :ref:`distributionlists`. Passwords and Sign-In --------------------- **Q: How do I reset my password?** Click the ``Recover your Password`` link on the sign-in screen. |APPNAME| emails you a temporary password and asks you to set a new one on your next sign-in. For the full walkthrough, see :ref:`SettingPassword`. **Q: Why does the sign-in screen reject my correct password?** A few possibilities, in rough order of likelihood: * your account has expired — ask your administrator to extend it. * your role has been disabled or is not configured to allow sign-ins. * caps lock is on, or autofill has substituted the wrong password. * the account was deleted. Email |SUPPORTEMAIL| if you suspect this.