Data is one of the most valuable assets the healthcare industry has at its disposal, covering everything from patient data to important financial transactions. This data is essential to the continued maintenance of the healthcare ecosystem, and more importantly the well-being of its patients. This makes it vital for healthcare systems to take data security seriously and ensure the necessary precautions are in place to protect this important asset.
We’d like to take this opportunity to share how DermEngine has been designed with your privacy and security in mind. Our secure, encrypted platform (HIPAA and GDPR compliant) provides advanced encryption on mobile devices as well as on the servers, and keeps your and your patients’ information safely stored on servers in the respective regions around the world, in line with the strictest regulations of those countries. This means that images, diagnoses, and other patient information are available only to you (the doctor) and the patient, and no one else.
DermEngine offers the following protections with your security needs in mind to ensure your data is safe and private at all times.
We work with one of the world’s largest on-demand cloud computing platforms, which operates its data centers in alignment with regulations from across the world to ensure your data remains securely stored.
Account lockout mechanisms are used to combat brute-force password guessing attacks and keep your account in your control.
Hypertext Transfer Protocol Secure implementation
Widely used to protect highly confidential information (such as online banking), HTTPS is the protocol by which data is sent between your browser and a website. The “S” (standing for Secure) means that all of your browser communications with the website are encrypted.
DermEngine backs up users’ data daily for disaster recovery needs. The backups are encrypted and stored in different locations for maximized security.
- Cross Site Scripting (XSS)
A type of injection in which malicious scripts are injected into otherwise benign and trusted web sites.
- Cross Site Request Forgery (CSRF)
An attack that causes a user’s web browser to perform an unwanted action on a trusted site on which the user is currently authenticated.
- SQL Injection
An injection attack in which a hacker inserts SQL statements through application input and can thereby access the full extent of your back-end database.
- Clickjacking
A malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information.
In addition to the protections listed above, DermEngine complies with the rules and regulations set out on a global scale to ensure our platform remains at the forefront of security and reliability. DermEngine adheres to the following international standards:
The Health Insurance Portability and Accountability Act (HIPAA) is the highest standard for protecting your health information, ensuring necessary physical, network, and security measures are followed.
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a legal regulation on data protection and privacy for all individuals within the European Union. The GDPR aims to make data processing more transparent and give data subjects greater control over how their data is handled.
Health Level 7
Recognized as one of the most commonly used standards in the world, HL7 provides a framework for how information is packaged and communicated from one party to another, setting the language, structure and data types required for seamless integration between systems.
-The MetaOptima Team