Security at PacSana

Security is one of PacSana’s primary concerns. Measures include:

• All applications and customer data are stored on Microsoft Azure IoT cloud which is
HIPAA compliant and HITRUST certified (further details at https://azure.microsoft.com/en-us/overview/iot/industry/healthcare/).

• Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required.

• Our software development processes follow Secure by Design best practices (further details at https://en.wikipedia.org/wiki/Secure_by_design)

• All Personally Identifiable Data is encrypted in transit and at rest.

• State-of-the-art physical security is in place at all Microsoft Data Centres to control access (further details at https://docs.microsoft.com/enus/azure/security/fundamentals/physical-security)

• Penetration testing is performed annually by a respected 3rd party to test the PacSana infrastructure and highlight any vulnerabilities.