Back to Clarity

Security

Report vulnerabilities responsibly.

If you believe you found a security issue in Clarity Health, email security@quasar.nexus with the relevant details.

Sensitive data note

Please do not send medical records, insurance cards, government IDs, or urgent health concerns over email.

What to include

  • A short summary of the issue and why it matters.
  • The affected page, route, or workflow.
  • Steps to reproduce, including any prerequisites.
  • Screenshots, logs, or proof-of-concept details if helpful.
  • Your contact details so we can follow up.

Testing expectations

  • Do not access, alter, or retain data that does not belong to you.
  • Do not submit protected health information over email.
  • Do not use social engineering, phishing, or denial-of-service techniques.
  • Do not modify, destroy, or exfiltrate production data while validating an issue.

How we handle reports

We review reports in good faith, triage based on impact, and follow up through the same email thread when we need clarification.

You can also find the machine-readable security contact file at https://clarity.quasar.nexus/.well-known/security.txt.

This page is the public policy referenced from /security.