Security Policy, Data Protection and GDPR

Our security policy and data protection is going far beyond data encryption, ISO 9001, ISO 20000, ISO 27000 certification and GDPR compliance

CareCloud Is Developed to Protect Customer Personal Data and Your Business

Our complex approach to security warrants data protection of all entry points and secure data storage during the whole data life cycle. Our unique application environment renders any general exploit ineffective. With CareCloud, your security becomes natural and easy.

GDPR COMPLIANT PERSONAL DATA MANAGEMENT

CareCloud is CDPR compliant thanks to the integrated GDPR set of measures. The authorized user can manage all rights of data subjects, such as personal data deletion, anonymization and pseudonymization, and specific purpose restrictions.

With CareCloud, you are sure that your staff will not violate any regulation thanks to features managing personal data subject rights. Moreover, your customer service can handle the subject's consents based on the subject's request and internal policies.

ACCESS RESTRICTION & AUTHORIZATION

All the data are safe, thanks to authorization during each login to CareCloud keeping unauthorized users out of the system. Every user's step is recorded, and logs are accessible to authorized persons to be able to track all user activities.

Manage the access right thanks to customer user groups and roles with specific access & action rights to assure your business and customer data are reserved for intended users. Chose whether a user can only view or even edit the data to get even more precise user management.

THERE IS ALWAYS A DATA BACKUP

Complex processes for backup copy creation assure that you will never lose your data. Thanks to multilevel architecture with computer cluster technology means you don't have to worry about your data. The backups are stored at a separate server in other location for up to six months if you would need to recover even very old data.

REGULAR AUDITS AND CONTROLS

Cortex as CareCloud CDP developer has attained the globally recognised ISO 9001:2017, ISO 20000-1:2011 and ISO 27001:2013 certifications relating to the provision of IT and cloud services such as application hosting, data management, automated data processing, technical support and consultancy.

Continuous data security and regulatory compliance are assured by regular audits and controls performed by the designated Data Protection Officer and external auditors. Audits findings are immediately used for data protection improvement to maintain a state-of-the-art level of security. All developers and other team members are continuously trained.

DIGITAL & PHYSICAL SERVER SECURITY

CareCloud's security policies cover both the network and physical access to the servers. Frequent patching and server maintenance assures that the CareCloud application environment is resistant to the majority of cyber-attacks and can react quickly to any unauthorized attempts. All servers are securely in locked racks in a restricted area for maximum protection. Server rooms are impervious to power outages, fire, or any other physical damage.

EFFECTIVE INCIDENT RESOLUTION

While CareCloud never experienced a security breach, all the processes and protocols are in place for fast and effective resolution. In an improbable case of a breach, recovery processes are triggered to reinstate the security promptly. Part of recovery processes is a fast and complete incident reporting to all affected parties as well as to authorities.

GET ALL THE ANSWERS

Let’s Talk CLOUD and Explore How to Grow Your Business

Please enter a valid email address.
Something went wrong. Please check your entries and try again.