The AlayaCare iOS and Android mobile applications require that the user enters their credentials to access any confidential information. The session expires if the user is inactive for a number of minutes, configured through the agency’s admin portal. To continue using the application, the user needs to re-enter their password or will be forced to log out.
Data transfer between the AlayaCare server and the mobile device is encrypted in transit using HTTPS.
A mobile user only has access to their own case load. The data available depends on the role of the individual which is managed through the admin portal.
MDM can be used to limit usage of the mobile device by the user. Some of the typical use cases involve: preventing the user from rooting the device and preventing the user from doing screen shots.
The AlayaCare Android application can be used in Offline Mode. The system administrator controls the access and session length for this module. With Offline Mode, all data is stored in an encrypted database on the device which protects sensitive data from being read by an unauthorized party. Upon session expiration or user logout, the data will be completely cleared off the device.