Security

The confidentiality, integrity and access of data are critical in online services, but no more so than when dealing with peoples’ private health data.

  • We employ industry-standard Transport Layer Security version 1.2, and all data is transferred using HTTPS.
  • The server is located in a data-centre that has a ISO 27001:2013 certificate giving you peace of mind.
  • Independently verified by SSL Labs to have A-Grade security.
  • Private data requires a username and password to access.
  • We use an extended validation website certificate, proving authenticity.
  • We have a password policy to ensure passwords with sufficient entropy are chosen.
  • We have account suspension and timed lockout procedures in place for multiple unsuccessful password attempts.
  • We use open source software for the server.
  • We have an optional two factor authentication system available using your iPhone or Android mobile phone.
  • We use individually salted passwords
  • QUALYS Labs gives the site an 'A' rating, giving you peace of mind.
  • The server is regularly updated with the latest security fixes
  • The site is highly reliable. The website has an independently verified uptime of % over the past 365 days.