Security Policy, Data Protection and GDPR
Our security policy and data protection is going far beyond data encryption, ISO 9001, ISO 20000, ISO 27000 certification and GDPR compliance
CareCloud Is Developed to Protect Customer Personal Data and Your Business
Our complex approach to security warrants data protection of all entry points and secure data storage during the whole data life cycle. Our unique application environment renders any general exploit ineffective. With CareCloud, your security becomes natural and easy.
GDPR COMPLIANT PERSONAL DATA MANAGEMENT
CareCloud is CDPR compliant thanks to the integrated GDPR set of measures. The authorized user can manage all rights of data subjects, such as personal data deletion, anonymization and pseudonymization, and specific purpose restrictions.
With CareCloud, you are sure that your staff will not violate any regulation thanks to features managing personal data subject rights. Moreover, your customer service can handle the subject's consents based on the subject's request and internal policies.
ACCESS RESTRICTION & AUTHORIZATION
All the data are safe, thanks to authorization during each login to CareCloud keeping unauthorized users out of the system. Every user's step is recorded, and logs are accessible to authorized persons to be able to track all user activities.
Manage the access right thanks to customer user groups and roles with specific access & action rights to assure your business and customer data are reserved for intended users. Chose whether a user can only view or even edit the data to get even more precise user management.
THERE IS ALWAYS A DATA BACKUP
REGULAR AUDITS AND CONTROLS
Cortex as CareCloud CDP developer has attained the globally recognised ISO 9001:2017, ISO 20000-1:2011 and ISO 27001:2013 certifications relating to the provision of IT and cloud services such as application hosting, data management, automated data processing, technical support and consultancy.
DIGITAL & PHYSICAL SERVER SECURITY
CareCloud's security policies cover both the network and physical access to the servers. Frequent patching and server maintenance assures that the CareCloud application environment is resistant to the majority of cyber-attacks and can react quickly to any unauthorized attempts. All servers are securely in locked racks in a restricted area for maximum protection. Server rooms are impervious to power outages, fire, or any other physical damage.
EFFECTIVE INCIDENT RESOLUTION
While CareCloud never experienced a security breach, all the processes and protocols are in place for fast and effective resolution. In an improbable case of a breach, recovery processes are triggered to reinstate the security promptly. Part of recovery processes is a fast and complete incident reporting to all affected parties as well as to authorities.