Security

The confidentiality, integrity and access of data are critical in online services, but no more so than when dealing with peoples’ private health data.

  • We employ industry-standard Transport Layer Security version 1.2, and all data is transferred using HTTPS.
  • Independently verified by SSL Labs to have A-Grade security.
  • Private data requires a username and password to access.
  • We use an extended validation website certificate, proving authenticity.
  • We have a password policy to ensure passwords with sufficient entropy are chosen.
  • We have account suspension and timed lockout procedures in place for multiple unsuccessful password attempts.
  • We use open source software for the server, which is housed in a secure facility.
  • We have an optional two factor authentication system available using your iPhone or Android mobile phone.
  • We use individually salted passwords
  • QUALYS Labs gives the site an 'A' rating, giving you peace of mind.
  • The server is regularly updated with the latest security fixes