The confidentiality, integrity and access of data are critical in online services, but no more so than when dealing with peoples’ private health data.
- We employ industry-standard Transport Layer Security version 1.2, and all data is transferred using HTTPS.
- Independently verified by SSL Labs to have A-Grade security.
- Private data requires a username and password to access.
- We use an extended validation website certificate, proving authenticity.
- We have a password policy to ensure passwords with sufficient entropy are chosen.
- We have account suspension and timed lockout procedures in place for multiple unsuccessful password attempts.
- We use open source software for the server, which is housed in a secure facility.
- We have an optional two factor authentication system available using your iPhone or Android mobile phone.
- We use individually salted passwords
- QUALYS Labs gives the site an 'A' rating, giving you peace of mind.
- The server is regularly updated with the latest security fixes