Skip to main content

Data security practices

This page explains how Komodo Publications Planning handles your data in order to deliver the functionality we offer.

Common principles

Common principles that Komodo Health adheres to are as follows:

  • Komodo Publications Planning runs natively in your Salesforce system, not on Komodo Health's servers.

  • You retain full administrative responsibility and control of your Salesforce systems.

  • Komodo Publications Planning adheres to Salesforce’s data security model. Komodo Publications Planning users are only able to see data they have been given access to through the Salesforce sharing model.

  • Komodo Publications Planning adheres to Salesforce's field-level security model. Komodo Publications Planning users are unable to see fields they would not otherwise see in the product.

  • All data is stored in, and stays in, your Salesforce system. With the exception of enabled 3rd party integrations, data does not leave your Salesforce system. Visit External services.

  • It is important for Komodo Health customers to develop a routine data backup strategy as Komodo Health does not back up customer data. Salesforce performs data backups, but it is best practice to have your own backup strategy. Details on backing up your data can be found on the Salesforce help site.

  • Explicit administrator action is always required before data leaves the Salesforce system.

External services

Depending on your requirements, Komodo Publications Planning may need to communicate with external services to fully operate. All of this communication is facilitated through the Komodo Publications Planning product, installed within your Salesforce systems. Komodo Health never sends your data directly to any other third party service.

All communication with external services is always performed over an HTTPS connection using the TLS protocol, currently 1.1 or greater. This communication occurs between your Salesforce systems and the relevant 3rd party.

The features that may require your company data to leave your Salesforce systems are listed below. These features are optional, disabled by default, and require an administrator to enable or set up.

Office 365

Once the Office 365™ integration is configured, you can check out and edit in your browser documents managed within Komodo Publications Planning.

Komodo Health maintains the Office 365™ environment that your Salesforce system connects to and the Amazon Web Services (AWS) backend services that temporarily store checked out documents and their changes. When a document is checked back in or a document check out is canceled, the document and all changes made to the document are removed from AWS.

The Komodo Publications Planning product consumes the Office 365™ service as-is. Komodo Health makes no representations about the Office 365™ service and cannot guarantee the availability, reliability, privacy, or security of the Office 365™ service. Komodo Health has limited abilities to support and monitor the Office 365™ service. By using the Office 365™ integration, you agree to utilize the Office 365™ service as-is and agree to absolve Komodo Health of any and all liability that you or any person or entity associated with you may incur as a result of utilizing the Office 365™ service.

Collaborator portal

The Collaborator Portal only displays Salesforce data and never stores it at rest. Access to your data is provided through a REST API that adheres to Salesforce's data security model. Authorization to access your data is done through Salesforce's implementation of OAuth 2.0.

Altmetric/Dimensions

Digital Science’s Altmetric and Dimensions APIs provide access to enriched journal and article data. You can use this data to select where to submit publications and to understand the impact of your publications across social platforms.