{
  "schemaVersion": "1.0",
  "benchmarkVersion": "2026.3",
  "generatedAt": "2026-07-02T00:15:52.473Z",
  "license": "Published by HealthTasks for public reference. Cite the dataset URL and release version when reproducing scores. Vendor trademarks belong to their respective owners.",
  "methodology": "https://healthtasks.ai/benchmark/methodology",
  "documentation": "https://healthtasks.ai/benchmark",
  "lastUpdated": "2026-07-01",
  "publisher": "HealthTasks",
  "category": "Clinical Education Management",
  "dataset": {
    "full": "https://healthtasks.ai/benchmark.json",
    "html": "https://healthtasks.ai/benchmark/dataset",
    "api": "https://healthtasks.ai/api/cem-benchmark",
    "schema": "https://healthtasks.ai/benchmark/schema.json",
    "methodology": "https://healthtasks.ai/benchmark/methodology",
    "vendors": "https://healthtasks.ai/benchmark/vendors/{vendor}.json",
    "capabilities": "https://healthtasks.ai/benchmark/capabilities/{id}.json",
    "capabilityIndex": "https://healthtasks.ai/benchmark/capabilities.json"
  },
  "capability": "platform.security-auth",
  "name": "Enterprise authentication",
  "definition": "SSO, security policies, or enterprise auth controls.",
  "evidenceCriteria": "Public SSO, security, or authentication documentation.",
  "moduleId": "platform",
  "moduleName": "Platform",
  "summary": {
    "vendorCount": 9,
    "supportedCount": 7,
    "supportedPercent": 0.7777777777777778
  },
  "vendors": [
    {
      "vendor": "HealthTasks",
      "vendorSlug": "healthtasks",
      "supported": true,
      "evidence": {
        "url": "https://healthtasks.ai/",
        "quote": "SSO supports SAML 2.0 and OpenID Connect (OIDC) with 20+ common IdPs, including Okta, Microsoft Entra ID (Azure AD), Google Workspace, OneLogin, Ping Identity, Salesforce, and more.",
        "note": "Public SSO and enterprise authentication documentation (Enterprise add-on) satisfies enterprise auth controls.",
        "matchType": "literal",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "Exxat",
      "vendorSlug": "exxat",
      "supported": true,
      "evidence": {
        "url": "https://www.exxat.com/",
        "quote": "Secure access through SAML, Google, and Microsoft Azure AD.",
        "note": "SAML and IdP SSO options directly substantiate enterprise authentication.",
        "matchType": "literal",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "Trajecsys",
      "vendorSlug": "trajecsys",
      "supported": false
    },
    {
      "vendor": "Typhon",
      "vendorSlug": "typhon",
      "supported": true,
      "evidence": {
        "url": "https://typhongroup.com/about-us/",
        "quote": "We maintain robust safeguards, verified through independent audits and certifications such as SOC 2 Type II, TX-RAMP Level 2, and annual penetration testing by Netragard. We also complete the Higher Education Community Vendor Assessment Toolkit (HECVAT), providing transparency into our security and privacy practices for higher-education partners.",
        "note": "Published security policies and enterprise compliance attestations match security-auth evidence criteria.",
        "matchType": "semantic",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "Project Concert",
      "vendorSlug": "project-concert",
      "supported": true,
      "evidence": {
        "url": "https://www.projectconcert.com/services",
        "quote": "HIPAA and FERPA Compliant. Ensuring the safety and security of institutional data is our foremost concern.",
        "note": "Public security compliance documentation; same page also documents SSO integration.",
        "matchType": "semantic",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "TracPrac",
      "vendorSlug": "tracprac",
      "supported": true,
      "evidence": {
        "url": "https://www.vestigohealthsolutions.com/FERPA",
        "quote": "All Instructors must be authenticated by the school before they can be added to the TracPracⓇ system. Instructors cannot self-register for access to any school, program, or student information.",
        "note": "School-controlled authentication and access provisioning for instructors constitutes documented enterprise authentication controls.",
        "matchType": "semantic",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "CORE Higher Ed",
      "vendorSlug": "core-elms",
      "supported": true,
      "evidence": {
        "url": "https://peoplegrove.com/products/core-elms/",
        "quote": "Enable access with single sign-on and integration options for any learning management system.",
        "note": "SSO is directly documented, satisfying enterprise authentication requirement.",
        "matchType": "literal",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "eMedley",
      "vendorSlug": "emedley",
      "supported": true,
      "evidence": {
        "url": "https://www.emedley.com/ekeeper/",
        "quote": "Control user access at a group or individual user level through data permissions.",
        "note": "Group- and user-level access permissions constitute documented enterprise authentication controls.",
        "matchType": "semantic",
        "reviewedAt": "2026-07-01"
      }
    },
    {
      "vendor": "Medatrax",
      "vendorSlug": "medatrax",
      "supported": false
    }
  ]
}
