Security
Secure and protected medical data
The protection of worker medical records is paramount.
If you are an employer or medical provider there are specific legislative requirements and guidelines on how you should be storing worker records, especially sensitive medical records.
MedPass provdes piece of mind for the storage and transfer of worker medical records.
Data security and encryption
All data and files are encrypted @ Rest and in Transit, using the highest encryption protocol available to commercial organisations. This provides security at rest along with bidirectional encryption of all communications between our clients and the private clouds and guarantee that the contents of communications between the user cannot be read or intercepted by any third party.
Monitoring and testing
We utilise real-time infrastructure monitoring and alerting to ensure system availability and data integrity. The monitoring is managed 24 hours a day 365 days per year.
On a monthly bases we test the implemented controls by running external vulnerability assessment tools and on a yearly basis arrange for external parties to run penetration audits. These audits allow us to continually improve our security controls and processes.
Access control logs and controls are established to ensure authenticated users can only access the database.
Local data centres and backups
AWS data centres utilise the best of breed technologies, combining robust and dedicated architecture inclusive of disaster recovery and backup facilities.
All databases are backed up every day and a history of these backups are stored for a 30 day period. This means that MedPass can restore any organisations database within a 35 day period.