Security
How we protect your data and your patients' data.
Encryption
All sensitive data, including patient information, is encrypted at rest using AES-256. All data in transit is protected using TLS 1.3.
Access Control
Role-based access control ensures that users only see data relevant to their role. Multi-factor authentication is available for all accounts.
GDPR Compliance
HealSuite is fully GDPR compliant. We implement data minimisation, provide data export capabilities, and support right-to-erasure requests.
ISO 27001
Our security practices are aligned with ISO 27001 standards for information security management.
Audit Logging
All access to patient data is logged for compliance and auditing purposes. Logs are immutable and retained for the required period.
Infrastructure
Our infrastructure is hosted on secure, SOC 2 certified cloud providers with redundancy across multiple availability zones.
Reporting Vulnerabilities
If you discover a security vulnerability, please report it responsibly to security@healsuite.ai.