"Eleos is well worth the investment."
"Eleos has absolutely been a game-changer for me. I really, really love it."
"Eleos creates that snowball effect of not only improving the clinician’s experience in terms of work-life balance, but also improving the quality of care."
Eleos secures $60M through series C fundraising round!
Schedule a Demo

Your Questions Answered: From Eleos Health 101 to Behavioral Health AI Basics

 

When it comes to AI and behavioral health, it can sometimes feel like there are more questions than answers. We get it—AI can be scary. Is it the path to a better future or the robot invasion? While it’s too early to say for certain how the AI revolution will unfold, we did want to compile a list of our most frequently asked questions (and answers) about Eleos, AI, security, privacy, and more. So if you have questions, read on for what we hope are the answers you seek. 

Eleos Health 101: What’s the Story on the Tech?

Eleos was born out of a deep desire to help the hard-working providers who dedicate their lives to guiding people through the choppy waters of behavioral health. If you’re curious about who we are and why we do what we do, head over to our “About” page. But for insight into key Eleos definitions and functionality, here are the quick hits—a.k.a. Eleos 101.

Q: How does Eleos define “behavioral health?”

A: We consider the behavioral health field to be inclusive of a variety of professionals trained to help clients improve their mental health, lifestyle, substance use, patterns of behavior, interpersonal relationships, and more. Clinically speaking, this includes specialties such as Intellectual/Developmental Disabilities, Early Childhood Intervention, and Applied Behavior Analysis.

Q: Which EHRs does Eleos integrate with?

A: Eleos doesn’t “integrate” with EHRs; we offer a lightweight technical embedding solution via a browser extension, which requires minimal IT investment from your EHR and internal IT teams. We’re compatible with a variety of web-based EHRs, including Carelogic, Credible, InSync, SmartCare, My Avatar NX, MyEvolv, EchoVantage, PCE, Kipu, Welligent, eHana, and Exym.

Q: How do you integrate science into your solutions?

A: Science is at the core of everything we do. We have multiple licensed clinicians (some who still practice!) on staff as well as a team of clinical consultants who help ensure Eleos doesn’t deviate from our purpose. We have anywhere from 5 to 15 studies in progress at any given time, including peer-reviewed, published research in respected journals. Our clinical team, customers, and leading research institutions work together to ideate and execute studies on the impact of AI in behavioral health. 

Behavioral Health & AI: What’s the Buzz?

Naturally, most of the questions we hear center on the elephant in the room: AI. So without further ado, here’s our artificial intelligence FAQ.

Q: How accurate is AI technology, and how do you ensure continuous improvement?

A: Eleos Health’s AI technology is based on the most robust Natural Language Processing (NLP) engine in the world, developed by AWS. From there, we customized the engine to understand and be specific to behavioral health.

We have the industry’s largest voice data set of real-life behavioral health sessions. When you look at accuracy, consider that as humans, we understand 96% of what people tell us. The Eleos word error rate, which measures NLP accuracy, is around 93-94% accurate. Our stellar clinical team, led by Dr. Denny Morrison, continuously reviews our data to ensure ongoing improvement and correctness of the engine and models.

Q: Do you have studies verifying the validity of your data?

A: Yes! Our Science page outlines our published peer-reviewed studies as well as those in progress with esteemed research institutions.

Q: Do you worry about technology overstepping its place in the relationship between the therapist and client?

A: The relationship between providers and clients is at the center of great care. We understand the thought of adding technology to that relationship can feel awkward or even untoward. Eleos Health’s ambient solution operates in the background–at provider and client discretion–and does not intrude in the care or therapeutic journeys of clients. Eleos is not here to replace providers’ judgment about the proper course of clinical care. We exist to supply insights and empower clinicians to deliver higher quality, more personalized care. 

What About AI Security & Data Safety?

AI security, especially with respect to healthcare data and PHI, is always top of mind for the Eleos development team. We are firm believers that security and privacy come first in the development and enrichment of technology solutions. And we want to answer as many questions about this key topic as we can—so if your questions aren’t answered here, reach out to us!

Psst. Have you checked out our Trust Center for some key intel on Eleos Health’s AI security measures?

Q: How long are the sessions stored for?

A: Eleos processes session audio in real time, deleting the audio within 1-2 minutes after the session concludes. Eleos retains AI-generated note suggestions and user engagement data for refining models, as well as minimal session identifying information such as clinician ID, session date/time, client unique ID, and name.

Q: How do you ensure data storage security? And what about data privacy?

A: We have many safeguards in place to protect client data and privacy.

  1. We are HIPAA compliant as well as SOC 2 certified with HITRUST compliance. For more information on what that means, see our Trust Center.
  2. Eleos ensures data storage security by hosting all customer data on HIPAA and PHI compliant Amazon Web Services (AWS) servers located strictly within the continental United States.
  3. Data privacy is maintained via strict access controls based on the principle of least privilege, authentication methods including SSO and MFA, and logical separation of data between clients.
  4. Eleos minimizes retained data by processing most session audio and transcripts in real time and deleting them shortly after sessions conclude, except for specific retained elements like AI suggestions and minimal session identifying information.

Q: What other certifications and compliance approvals does Eleos have?

A: In addition to being HIPAA and FERMA compliant, Eleos is SOC 2 and HITRUST compliant and has received Deloitte, ISO 27001, ISO 27799, and NIST CSF certifications.

Q: Does Eleos monitor and test security on a regular basis?

A: Yes. Eleos contracts with an independent third-party agency that conducts annual penetration testing and automatically monitors our product for security vulnerabilities via external tools and auditors.

Q: How does Eleos encrypt data in transit?

A: Eleos encrypts data in transit using TLS version 1.2 or higher.. All administrator traffic is encrypted through Eleos Health’s secure VPN. Integration traffic also passes through our secure VPN, which encrypts packet data as well as packet headers. 

Q: How does Eleos encrypt data at rest?

A: Eleos encrypts customer data while at rest on Amazon Web Services (AWS) servers using SSE-S3 (Server-Side Encryption with Amazon S3-Managed Keys). This method leverages the 256-bit Advanced Encryption Standard (AES-256) and is provided by AWS’s enterprise-grade encryption-at-rest guarantees.

Q: How does Eleos detect unauthorized access and other threats?

A: Our system uses a host-based intrusion detection system (HIDS) to continuously monitor for unauthorized access attempts, suspicious activity, and unexpected behavior on each server within the Eleos cloud. Additionally, all company workstations and remote servers deploy endpoint detection and response (EDR) tools to monitor for threats in real time. Our databases also deploy access-control algorithms to identify rare events, items, or observations that differ significantly from standard behaviors or patterns, thus warranting investigation.

Q: Where is Eleos data housed? Does it ever move locations?

A: Eleos supports data deployment in specific geographic regions, and we guarantee that these data will not move outside the originally designated region. Eleos only stores and processes data on HIPAA eligible servers in US-based Amazon Web Services (AWS) data centers.

Q: What security measures are in place for the AWS data centers Eleos uses?

A: AWS data centers meet the highest standards for physical security and access control. Access is strictly limited, and anyone granted access is thoroughly vetted and monitored. Additionally, all physical and electronic access to AWS data centers is routinely logged and audited.

Q: What personnel measures are in place at Eleos to protect customer data?

A: Access to the Eleos cloud is locked down by subnet, port, protocol, server, role, and user. Only the access required for the specific business function is granted. Furthermore, Eleos requires all employees and contractors performing services for Eleos to undergo a thorough background check and participate in security training.

Q: How does Eleos ensure data security when integrating with client systems?

A: Integrations with client systems are managed via the Eleos cloud VPN. We provision, monitor, and manage the VPN to create an overlay network designed to link a customer’s corporate data center and our VPC. This ensures that all communications between the two are encrypted. Finally, a client can leverage Eleos cloud VPN with its existing extranet infrastructure. This VPN supports almost every IPSec data-center extranet solution as well as the standard OpenVPN protocol.

Still have questions? Drop us a line.