Data security is one of PacSana’s primary concerns and we are ISO27001 certified.
- All applications and customer data are stored on Microsoft Azure IoT cloud which is HIPAA compliant and HITRUST certified (further details at https://azure.microsoft.com/en-us/overview/iot/industry/healthcare/).
- Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required.
- Our software development processes follow Secure by Design best practices (further details at https://en.wikipedia.org/wiki/Secure_by_design)
- All Personally Identifiable Data is encrypted in transit and at rest.
- State-of-the-art physical security is in place at the Microsoft Data Centres, used by PacSana, to control access (further details at https://docs.microsoft.com/en-us/azure/security/fundamentals/physical-security)
- Penetration testing is performed annually by a respected 3rd party to test the PacSana infrastructure and highlight any vulnerabilities.
• The Security Policy was created on April 8, 2021
• Last updated June 14, 2023 to add ISO27001 compliance