Overview

Hello Alpha believes in creating trust.  Trust between patients and providers, and between users of our website and application.  In service of this value, Hello Alpha maintains cybersecurity and privacy programs to safeguard our websites and our services. Hello Alpha does not offer a public bug bounty program.

That said, we recognize the importance of security researchers in helping the online community stay safe, and so we welcome responsible disclosure of security vulnerabilities. If you believe you've found a security bug in our service, we are happy to work with you to understand the issue so that we may resolve the issue promptly.

Guidelines

Do not conduct any activity that could impact production systems
Do not disclose or attempt to disclose Personal Data or Confidential Information as defined by our Terms of Service and Privacy Policy.
Do not conduct any denial of service testing
Do not engage in social engineering against Hello Alpha employees, providers, patients or users

Reporting a vulnerability

If you believe you’ve discovered a vulnerability on any website or page under helloalpha.com, you may send this information to security@helloalpha.com and we will investigate promptly. You may not receive a response.

Please include as much detail and information as possible so that we may successfully reproduce and verify your findings.

Compensation and recognition

Hello Alpha does not offer a public bug bounty program and does not provide or guarantee any compensation for information provided.