Security at Gardeen

Security is one of Gardeen’s primary concerns.
Measures include:

  • All applications and customer data are stored on Microsoft Azure IoT cloud which is HIPAA compliant and HITRUST certified (further details at https://azure.microsoft.com/en- us/overview/iot/industry/healthcare/).
  • Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required.
  • Our software development processes follow Secure by Design best practices (further details at https://en.wikipedia.org/wiki/Secure_by_design)
  • All Personally Identifiable Data is encrypted in transit and at rest.
  • State-of-the-art physical security is in place at all Microsoft Data Centres to control access (further details at https://docs.microsoft.com/enus/azure/security/fundamentals/physical-security)
  • Penetration testing is performed annually by a respected 3rd party to test the Gardeen infrastructure and highlight any vulnerabilities.