/
Data Storage

Data Storage

Owned by Shahid Khan
Last updated: yesterday at 5:37 pm by Gillian Javetski
2 min read

This document provides an overview of how data enters and is stored within CommCare and links to relevant security considerations.

Overview

CommCare stores data in a cloud-based system, which ensures secure and efficient data storage and allows for easy access. Data collected through forms and cases is stored in a structured format, enabling users who have the necessary access & permissions to manage and analyze their collected data effectively.

Data Storage in CommCare

CommCare collects and stores data primarily in three ways:

Form Submissions

  • When a user fills out a form on a mobile or web app, the data is encrypted and transmitted securely to CommCareHQ.

  • Each form submission is stored in a structured format with a unique identifier and timestamp.

  • Data is backed up and maintained to prevent data loss.

Case Management

  • Cases allow users to track entities (e.g., patients, households, projects) over time.

  • Each case has a unique case ID and is linked to related form submissions.

  • Data is automatically updated and version-controlled.

Multimedia Storage

  • Images, audio, and video files collected in forms are stored in cloud-based repositories.

  • Files are compressed and encrypted to optimize storage and maintain security.

  • Access to multimedia data is restricted based on user roles and permissions.

CommCare Servers and Infrastructure

CommCare operates on secure, scalable cloud infrastructure.

Cloud Hosting & Storage

  • CommCare data is primarily hosted on AWS (Amazon Web Services), ensuring high availability and scalability.

  • Servers are distributed globally to ensure low-latency access for users in different regions.

Data Security & Encryption

  • In Transit: All data is transmitted over SSL/TLS encryption to protect it from interception.

  • At Rest: Stored data is encrypted using industry-standard AES-256 encryption to prevent unauthorized access.

Backup & Redundancy

  • Data is automatically backed up to prevent loss in case of server failures.

  • Redundant storage systems ensure high data availability and disaster recovery.

Compliance & Regulatory Standards

  • CommCare complies with GDPR, HIPAA, and other data protection regulations.

  • Role-based access control (RBAC) ensures only authorized users can view or modify data.

Offline Data Storage & Syncing

  • Mobile devices store a local copy of necessary data for offline use.

  • Once a network connection is available, data syncs with CommCareHQ securely.

  • Local data on mobile devices is encrypted to prevent unauthorized access.

Security and Compliance

CommCare’s data storage approach balances efficiency, accessibility, and security. By implementing best practices in data management, CommCare enables organizations to collect, store, and analyze data with confidence.

CommCare prioritizes data security at all levels. Key security measures include:

  • Encryption: Data is encrypted in transit and at rest to protect sensitive information.

  • Access Control: Role-based permissions ensure that only authorized users can access specific data.

  • Audit Logs: Detailed logs track access and modifications to data.

  • Compliance: CommCare complies with global security standards, including HIPAA and GDPR.

For more details on security, visit the CommCare Data Security page.

Related content

Understand CommCare Data
Understand CommCare Data
CommCare Help Site
More like this
Data Submission in CommCare
Data Submission in CommCare
CommCare Help Site
More like this
CommCare Hosting Options
CommCare Hosting Options
CommCare Help Site
More like this
Data De-identification
Data De-identification
CommCare Help Site
More like this
Case Management Overview
Case Management Overview
CommCare Help Site
More like this
Case Management
Case Management
CommCare Help Site
More like this