Security at Gardeen
Security is one of Gardeen’s primary concerns.
Measures include:
- All applications and customer data are stored on Microsoft Azure IoT cloud which is HIPAA compliant and HITRUST certified (further details at https://azure.microsoft.com/en- us/overview/iot/industry/healthcare/).
- Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required.
- Our software development processes follow Secure by Design best practices (further details at https://en.wikipedia.org/wiki/Secure_by_design)
- All Personally Identifiable Data is encrypted in transit and at rest.
- State-of-the-art physical security is in place at all Microsoft Data Centres to control access (further details at https://docs.microsoft.com/enus/azure/security/fundamentals/physical-security)
- Penetration testing is performed annually by a respected 3rd party to test the Gardeen infrastructure and highlight any vulnerabilities.