We're on Medica 2023, come say "hi" and connect in Hall 12, Booth E53-03!

Home
Products
Medical Device SDK EHR Lite SDK Use cases
Developers
Technology Trust and Data Privacy FHIR Data Model Redundancy and Availability Hybrid Cloud Support Online/Offline Synchronization Data Sharing and Interoperability
Cockpit
Blog
About us
Technical Documentation
Get in Touch
Back to blog

November 06, 2023

A Comprehensive Guide for CTOs on Medical Data Security

post illustration

TL; DR

In a world where data has become a precious currency, safeguarding medical information isn’t just a legal obligation; it’s a sacred duty. For Chief Technology Officers (CTOs) in the healthcare sector, this duty goes far beyond mere compliance – it’s a profound responsibility to shield users’ most sensitive and personal data.

Welcome to a realm where every keystroke, every byte, and every algorithm carries the weight of lives and well-being. In this comprehensive guide, we dive deep into the intricate tapestry of medical data security, revealing the strategies and practices that CTOs must master to protect this invaluable treasure trove of patient information.

Here’s your TL;DR:

  • Know the Regulations: Comply with regulations like GDPR and HIPAA for data security. Stay updated and align policies.
  • Data Security Strategy: Classify data, implement access controls, use encryption, and enhance authentication and authorization for each data category.
  • Secure Data Storage: Select secure infrastructure, isolate medical data, and establish robust backup strategies.
  • Secure Data Transmission: Use secure protocols like HTTPS, VPNs, and secure APIs for data exchange.
  • Employee Training: Train your workforce on password management, device security, and phishing awareness.
  • Vulnerability Management: Regularly assess vulnerabilities, conduct penetration testing, and maintain a robust patch management process.
  • Incident Response Plan: Develop a plan for detecting, responding to, and recovering from security incidents.
  • Third-Party Vendor Security: Assess vendor security, include security requirements in contracts, and monitor compliance.
  • Continuous Monitoring: Implement real-time security monitoring and regular audits for early threat detection.
  • Privacy by Design: Practice data minimization, anonymization, and pseudonymization to protect patient privacy.

Introduction

For a Chief Technology Officer (CTO) in the healthcare sector, safeguarding medical data is not just a matter of compliance — it’s a fundamental responsibility to protect patients’ sensitive information. The unique nature of medical data requires a robust and comprehensive approach to security.

This guide aims to provide you, the CTO, with an in-depth understanding of the strategies and practices necessary to ensure medical data security.

1. Understand the Regulatory Landscape

post illustration

In the healthcare industry, compliance with regulatory standards is non-negotiable.

Familiarize yourself with key regulations that impact medical data, such as the General Data Protection Regulation (GDPR) in the European Union and the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

These regulations outline specific requirements for data security, patient consent, and breach reporting. Stay updated with any changes to these regulations and ensure your organization’s policies and practices are aligned.

2. Develop a Robust Data Security Strategy

A strong data security strategy is the cornerstone for effectively safeguarding medical data. By implementing a comprehensive approach, you can minimize vulnerabilities and ensure sensitive information’s confidentiality, integrity, and availability.

Data Classification

The first step in your strategy involves classifying medical data based on its sensitivity and criticality. This process allows you to gain a clear understanding of the different types of data your organization handles.

Categorize data into distinct tiers, such as:

  • Personally Identifiable Information (PII): This includes patient names, addresses, social security numbers, and other identifying details.
  • Health Records: Medical histories, treatment plans, test results, and diagnoses are part of this category.
  • Financial Data: Billing and insurance information associated with patient records.
  • Research Data: Any data collected for research purposes, including clinical trials and studies.

By classifying data in this manner, you can tailor your security measures to the specific requirements of each category.

Access Control

Implement a multi-faceted access control framework to ensure that only authorized individuals can access medical data.

Role-based access control (RBAC) is a powerful mechanism that assigns permissions based on users’ roles and responsibilities. Each stakeholder is assigned a role determining what data they can access, modify, or interact with. For example, medical professionals might have access to patient health records and treatment plans, while administrative staff might have access to billing and scheduling information.

Implementing strict access controls minimizes the risk of data breaches caused by unauthorized personnel accessing sensitive information.

Encryption

Encryption is a fundamental technique for protecting medical data from unauthorized access, especially during transmission and storage. When data is encrypted, it’s transformed into a format that’s unreadable without the decryption key. .

Additionally, data at rest—when stored in databases or on devices—should also be encrypted.

Encryption ensures that even if physical storage media are compromised, the data remains inaccessible without the decryption key. Implementing encryption safeguards medical data from various forms of cyber threats.

For example, iCure uses asymmetric encryption to make sure respective parties only have access to the information they’re entitled to.

Authentication and Authorization

Authentication is the process of confirming the identity of users, while authorization determines what actions they are allowed to perform. Enhance the security of user logins by implementing multi-factor authentication (MFA). MFA requires users to provide multiple verification forms, such as a password and a unique code sent to their mobile device, before accessing the system.

This adds an extra layer of protection against unauthorized access, even if login credentials are compromised.

Granular authorization mechanisms provide fine-tuned control over who can perform specific actions on medical data. For instance, you can define that only certain individuals can modify patient records, ensuring that sensitive information remains secure and unaltered by unauthorized users.

Developing a robust data security strategy is the foundation upon which you build a secure environment for medical data.

Properly classifying data, implementing access controls, using encryption, and enhancing authentication and authorization mechanisms collectively establish a strong defense against data breaches and cyber threats.

Remember that the data security landscape is dynamic, so continuously assess, refine, and adapt your strategy to counter emerging challenges effectively.

3. Secure Data Storage

Ensuring the secure storage of medical data is paramount to maintaining its confidentiality and availability. Robust data storage practices are a cornerstone of your overall data security strategy.

Choose Secure Infrastructure

The foundation of secure data storage lies in selecting the right infrastructure.

Choosing providers that adhere to stringent industry standards and compliance requirements is crucial whether you opt for on-premises solutions or cloud-based services. Look for providers with high-level security certifications, such as ISO 27001 or SOC 2, as these indicate a commitment to implementing robust security measures.

When evaluating potential providers, scrutinize their data encryption practices, data center security protocols, access controls, and incident response procedures. Additionally, assess their track record for data breaches or security incidents to ensure a history of diligence in safeguarding sensitive information.

Data Isolation

Isolating medical data from less sensitive data is a key strategy to minimize the potential impact of a breach.

Consider segregating medical data onto dedicated servers, virtual machines, or segmented networks. This isolation prevents unauthorized access to medical records through lateral movement within the network.

For instance, a dedicated server solely hosting electronic health records ensures the breach won’t automatically extend to medical data even if another server in the same environment is compromised. This approach significantly reduces the attack surface and limits the potential exposure of critical information.

Regular Backups

Implementing a robust backup strategy is essential for data integrity and availability.

Create a comprehensive plan for regular and automated backups of medical data. Backups should be performed at scheduled intervals, with consideration for the volume of data generated.

Equally important is testing the restoration process.

Regularly practice recovering data from backups to ensure your organization can swiftly restore data to its original state in case of system failures, data corruption, or cyberattacks. A well-tested restoration process minimizes downtime and ensures that medical data remains accessible despite unforeseen challenges.

Securing medical data storage requires a combination of careful infrastructure selection, isolation practices, and robust backup strategies. By partnering with providers that prioritize security, isolating data to minimize exposure, and regularly testing backup and restoration procedures, you create a resilient environment that safeguards medical data against breaches, losses, and other potential threats.

Remember that effective data storage security is an ongoing commitment that demands continuous monitoring, updates, and adaptability to evolving security risks.

4. Secure Data Transmission

Securing the transmission of medical data is essential to prevent unauthorized access and maintain data integrity. Safeguarding data during its journey across networks and systems ensures that sensitive information remains confidential and unaltered.

Secure Protocols

Employing secure communication protocols is fundamental when transmitting medical data.

HTTPS (Hypertext Transfer Protocol Secure) is a widely adopted protocol that provides encryption and authentication, ensuring that data transferred between a user’s browser and a website’s server remains private and tamper-proof. It uses SSL/TLS encryption to protect the data from interception and eavesdropping.

For data exchange between different locations or remote offices, consider implementing Virtual Private Networks (VPNs). VPNs establish encrypted tunnels between connected locations, effectively creating a secure and private network over a public one. This ensures that medical data remains confidential even when transmitted across untrusted networks.

Secure APIs

Application Programming Interfaces or APIs have become crucial for data exchange between different software systems and services. If your organization uses APIs to exchange medical data, it’s imperative to prioritize their security.

When developing APIs, incorporate security measures from the outset. Implement strong authentication mechanisms, such as OAuth 2.0 or API keys, to ensure that only authorized parties can access the data.

Additionally, enforce proper access controls at the API endpoints. This involves defining who can access which resources and what actions they can perform.

Regularly audit and monitor API usage to identify any unusual or unauthorized activity. Ensure that APIs, including security requirements, are well-documented to guide internal and external developers in building secure integrations.

Securing data during transmission is critical to your overall data security strategy.

You can protect medical data from interception and unauthorized access by utilizing secure communication protocols like HTTPS and leveraging technologies like VPNs to establish private networks.

When implementing APIs, prioritizing security from the development stage onward ensures that data exchanged between systems remains confidential and only accessible to authorized parties. Continuously monitor and update your data transmission practices to adapt to emerging security challenges and evolving technology landscapes.

5. Employee Training and Awareness

Empowering your employees with the knowledge and awareness of data security best practices is paramount in creating a human firewall against potential threats. A well-informed workforce is your first line of defense against cyberattacks.

Security Training

Regular and comprehensive security training sessions should be a core element of your organization’s culture. These sessions should cover various critical topics that equip employees with the skills to make security-conscious decisions.

  • Password Management: Educate employees on the importance of strong and unique passwords. Teach them to avoid using easily guessable information and encourage the use of password managers to store credentials securely.
  • Device Security: Provide guidelines on securing devices, both within and outside the workplace. This includes setting up screen locks, enabling full-disk encryption, and ensuring devices are updated with the latest security patches.
  • Physical Security: Emphasize the importance of physical security, such as locking screens when leaving workstations unattended and restricting access to sensitive areas.

Phishing Awareness

Phishing attacks are a common tactic used by cybercriminals to trick employees into revealing sensitive information or downloading malware. It’s crucial to educate your workforce about the risks associated with phishing and how to recognize and respond to these threats.

  • Educational Workshops: Conduct workshops that simulate real-life phishing scenarios. Train employees to scrutinize emails for suspicious elements, including misspellings, generic greetings, and personal or confidential information requests.
  • Examples of Phishing: Provide practical examples of phishing emails, links, and attachments. Help employees identify telltale signs, such as unexpected urgency, unsolicited requests, and unfamiliar sender addresses.
  • Reporting Mechanisms: Establish clear reporting mechanisms for suspected phishing attempts. Encourage employees to promptly report any suspicious emails to the IT or security team so that appropriate actions can be taken.

Creating a culture of security awareness among your employees is a potent defense against social engineering attacks and data breaches.

Regularly conducting security training sessions covering password management, device security, and physical security will empower your workforce to contribute actively to data protection.

Equally important is fostering a keen understanding of phishing risks through educational workshops and practical examples. Remember, the human element is often the weakest link in cybersecurity, but with the right training and awareness, it can become a strong line of defense.

6. Vulnerability Management

Managing vulnerabilities is a crucial aspect of maintaining the security of your systems and infrastructure. You can significantly reduce the risk of security breaches and unauthorized access by conducting regular assessments, identifying weaknesses, and promptly addressing them.

Regular Assessments

Regularly scheduled vulnerability assessments and penetration testing are essential to your organization’s proactive security strategy. Vulnerability assessments involve scanning your systems, networks, and applications to identify potential vulnerabilities and weaknesses. These assessments should be conducted at planned intervals and whenever significant infrastructure changes occur.

Penetration testing takes assessments a step further by simulating real-world attack scenarios to test the actual exploitability of identified vulnerabilities. These tests help you understand the extent of potential damage if a breach occurs.

By conducting these assessments, you gain a clear picture of your organization’s security posture and can take corrective actions to remediate vulnerabilities before they can be exploited by malicious actors.

Patch Management

Staying current with security patches is essential to mitigating known vulnerabilities. As software vendors discover and address security flaws, they release patches or updates to fix these issues. Implementing a robust patch management process ensures that these updates are promptly applied to your systems.

Maintain an inventory of your organization’s software, operating systems, and applications.

Subscribe to security advisories provided by vendors and security organizations to receive updates about newly discovered vulnerabilities. Develop a systematic process to evaluate the criticality of each patch and assess its potential impact on your systems.

A patch management plan should include:

  • Prioritization: Determine the urgency of applying patches based on the severity of the vulnerability and the potential impact on your operations.
  • Testing: Before deploying patches to production systems, test them in a controlled environment to ensure they don’t negatively affect your applications or services.
  • Timely Deployment: Implement a schedule for deploying patches, ensuring critical vulnerabilities are addressed as soon as possible.
  • Monitoring: Regularly monitor your systems for vulnerabilities and ensure that patches are applied promptly to newly identified issues.

Vulnerability management is an ongoing process that demands vigilance and proactive measures. Regular vulnerability assessments and penetration testing provide valuable insights into your security posture, while effective patch management ensures that known vulnerabilities are promptly addressed.

Maintaining a robust vulnerability management program significantly reduces the risk of security breaches and helps maintain the integrity of your organization’s sensitive data.

7. Incident Response Plan

An incident response plan is critical to your organization’s preparedness against security breaches and cyber threats. This plan outlines the procedures and guidelines for detecting, responding to, and recovering from security incidents.

Plan Development

Developing an effective incident response plan requires close collaboration with cross-functional teams, including IT, security, legal, communication, and management. These teams bring diverse expertise to the table, ensuring that all aspects of incident response are covered comprehensively.

Define clear roles, responsibilities, and communication channels for each team member during an incident. Assign individuals to specific tasks, such as incident detection, containment, communication with stakeholders, and post-incident analysis.

The plan should also include:

  • Escalation Procedures: Establish protocols for escalating incidents based on severity. Define the chain of command for decision-making during an incident.
  • Communication Strategy: Outline how and when communication will be established with affected parties, internal stakeholders, law enforcement, and regulatory bodies.
  • Legal and Compliance Considerations: Ensure the incident response plan is aligned with legal requirements and compliance regulations, such as data breach reporting obligations.

Team Training

An incident response team is only effective if they are well-prepared to handle various scenarios. Regular training through simulations and tabletop exercises is essential to ensure team members have the skills and knowledge to respond swiftly and effectively to security breaches.

Simulations involve running through real-life scenarios, enabling team members to practice their roles and refine their response strategies.

Tabletop exercises are structured discussions where team members collaboratively walk through the steps of responding to an incident. These exercises provide an opportunity to identify gaps in the plan and improve coordination.

Regular training helps refine technical skills and enhances the team’s ability to make informed decisions under pressure. It builds confidence and ensures everyone understands their roles during an incident, minimizing confusion and maximizing efficiency.

An incident response plan is the playbook that guides your organization’s response to security incidents. By collaborating with cross-functional teams, defining roles, and regularly training your incident response team, you build a robust framework for effectively detecting, containing, and recovering from security breaches.

Preparedness is key — regularly test and update your incident response plan to adapt to emerging threats and changing circumstances.

8. Third-Party Vendor Security

Managing the security of medical data goes beyond your organization’s boundaries. Engaging with third-party vendors introduces potential risks, making it essential to ensure that their security practices align with your organization’s standards.

Vendor Assessment

The security of third-party vendors directly impacts your organization’s data security posture. Before entering into partnerships, thoroughly assess their security practices. This assessment could involve evaluating their cybersecurity policies, data protection practices, incident response capabilities, and overall approach to data security.

Look for vendors that adhere to recognized security standards, such as ISO 27001 or SOC 2. Request documentation that demonstrates their commitment to protecting sensitive information. Assess their history of data breaches and incidents to gauge their effectiveness in managing security risks.

Contractual Agreements

Clearly defining security requirements in contracts is essential for establishing a shared understanding of the expectations regarding data security. Contracts with third-party vendors should explicitly outline security measures, responsibilities, and expectations related to medical data protection.

Key components to include in contractual agreements:

  • Data Handling: Specify how the vendor handles, processes, and stores medical data. Ensure that they commit to adhering to relevant data protection regulations.
  • Data Access: Clearly state who will have access to the medical data and under what circumstances.
  • Security Audits: Establish the right to conduct security audits or assessments on the vendor’s systems to verify compliance with agreed-upon security standards.
  • Incident Reporting: Detail procedures for reporting security incidents and data breaches promptly. This ensures timely communication and coordination in case of a breach.
  • Termination Clause: Include terms for terminating the contract in case of a security breach or failure to comply with security requirements.

Monitoring Vendor Compliance

Ensuring ongoing vendor compliance is just as important as the initial assessment.

Implement procedures to monitor your vendors’ adherence to the agreed-upon security practices.

Regularly review the vendor’s security reports, conduct on-site visits if necessary, and request evidence of their compliance with security standards. Establish communication channels to address any concerns or breaches and define corrective actions that the vendor must take.

Third-party vendors play a significant role in your organization’s data security ecosystem.

By conducting thorough assessments, establishing clear security requirements in contracts, and continuously monitoring vendor compliance, you can mitigate risks associated with outsourcing services and protect medical data from potential breaches. Vigilance in vendor security is a vital component of maintaining the overall security posture of your organization.

9. Continuous Monitoring and Auditing

Safeguarding medical data is an ongoing endeavor that requires vigilant surveillance and systematic auditing. Continuous monitoring and auditing practices ensure early threat detection, timely response, and the preservation of data integrity.

Security Monitoring

Implement continuous security monitoring across your systems and networks to stay ahead of potential threats. This proactive approach involves real-time tracking of events and activities, enabling swift detection and response to anomalies.

To monitor network traffic for suspicious patterns, utilize technologies such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) Security Information and Event Management (SIEM) tools aggregate and analyze log data from various sources, providing a holistic view of potential security incidents.

Anomaly detection mechanisms employ machine learning and behavioral analysis to identify deviations from normal activity patterns. This helps recognize previously unknown threats or breaches.

Auditing

Regular auditing is essential to ensure that security measures remain effective and that data access and usage align with established policies. Auditing involves scrutinizing access logs, user activities, and system configurations to identify unauthorized actions or unusual behavior.

  • Access Logs: Regularly review access logs to identify any unauthorized access or data manipulation attempts. These logs provide a trail of user activities and can help trace the source of any breaches.
  • User Activities: Monitor user activities to identify any unusual behavior or deviations from established patterns. Detecting unexpected actions can reveal potential insider threats or compromised accounts.
  • System Configurations: Regularly audit system configurations to ensure that security settings remain robust. Misconfigured systems can inadvertently expose vulnerabilities.

Internal and External Audits

Auditing should encompass both internal and external assessments to maintain data integrity and regulatory compliance.

Internal audits involve your organization’s internal teams reviewing security measures, policies, and practices. These audits help identify areas for improvement, confirm adherence to security standards, and ensure that employees follow established protocols.

External audits involve independent assessors evaluating your organization’s security practices against recognized standards. These audits may be required for compliance or to assure stakeholders that your organization maintains high security standards.

Implementing real-time security monitoring tools and regularly auditing access logs, user activities, and system configurations allow you to identify and respond to potential threats proactively. Combining internal and external audits ensures a holistic view of your security posture and helps maintain data integrity while demonstrating your commitment to protecting medical data.

10. Privacy by Design

Privacy should be woven into the very fabric of your data practices. By adopting a “privacy by design” philosophy, you prioritize protecting patient information from the outset, ensuring data security, and minimizing the potential for breaches.

Data Minimization

Data minimization entails collecting and storing only the medical data necessary for patient care, research, and organizational operations. The principle is to limit data collection to what is essential, reducing the potential for breaches and unauthorized access.

Regularly review stored data and dispose of information that is no longer required. Develop a data retention policy that outlines how long different types of data should be retained and when they should be securely purged.

Anonymization and Pseudonymization

Anonymization and pseudonymization are techniques that enhance data privacy by reducing the risk of patient identification in case of a data breach.

  • Anonymization: Anonymization involves removing or altering personally identifiable information from data sets, rendering the data non-identifiable. This ensures that even if the data is compromised, it cannot be linked back to specific individuals.
  • Pseudonymization: Pseudonymization replaces identifiable information with pseudonyms or tokens. This allows data to be processed for research or analysis without revealing the true identities of individuals.

The key difference from anonymization is that pseudonymized data can potentially be re-identified using a separate key or process.

By applying these techniques, you protect patient identities while still allowing for valuable research and analysis.

Embracing a “privacy by design” approach ensures that data security is not an afterthought but an inherent consideration in all your data practices.

Data minimization reduces the amount of sensitive information at risk, while anonymization and pseudonymization techniques add layers of protection against breaches.

These practices safeguard patient privacy and demonstrate your organization’s commitment to ethical data handling and security. Remember to regularly review and update your privacy measures as the healthcare landscape evolves and new challenges emerge.

Conclusion

Securing medical data requires strong dedication, teamwork, and the ability to adjust to changing cybersecurity challenges.

The collaborative nature of medical data security involves engagement across various teams, including IT, security, legal, management, and beyond. The synergy of these efforts forms a strong barrier against potential breaches and unauthorized access.

As a CTO in the healthcare sector, your role in safeguarding patients’ sensitive information and ensuring data integrity is pivotal. By diligently implementing the comprehensive strategies and practices outlined in this guide, you can establish an incredibly strong defense against the persistent and evolving cyber threats that target medical data.

Remember, the landscape of medical data security is ever-evolving, with new threats and challenges emerging regularly. Regularly assess, update, and adapt your security measures to stay ahead of these challenges and maintain the trust of patients, partners, and stakeholders.

If you’re looking for an infrastructure backend platform, try iCure for free and enhance your digital health app or medical device software with iCure’s powerful capabilities.

Back

Ready for more?

or stop by our instagram icon or linkedin icon to say hello =)

Terms of use

www.iCure.com

1. RECITALS

ICure SA is incorporated in Geneva, Switzerland, with a registered office at Rue de la Fontaine 7, 1211 Geneva, Switzerland registered in the commercial registry under CHE-270.492.477 (“iCure”).

These Terms of Use constitute a legally binding agreement made between you, whether personally or on behalf of an entity (“you”) and iCure SA (“we,” “us” or “our”), concerning your access to and use of the https://www.icure.com website as well as any other media form, media channel, mobile website or mobile application related, linked, or otherwise connected thereto (collectively, the “Website”).

When you accept, these Terms form a legally binding agreement between you and iCure. If you are entering into these Terms on behalf of an entity, such as your employer or the company you work for, you represent that you have the legal authority to bind that entity.

PLEASE READ THESE TERMS CAREFULLY. BY REGISTERING FOR, ACCESSING, BROWSING, AND/OR OTHERWISE USING THE iCURE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE TO BE BOUND BY THESE TERMS, DO NOT ACCESS, BROWSE, OR OTHERWISE USE THE ICURE WEBSITE.

iCure may, in its sole discretion, elect to suspend or terminate access to, or use of the iCure to anyone who violates these Terms.

All users who are minors in the jurisdiction in which they reside (generally under the age of 18) must have the permission of, and be directly supervised by, their parent or guardian to use the Website. If you are a minor, you must have your parent or guardian read and agree to these Terms of Use prior to you using the Website.

The original language of these Terms and Use is English. In case of other translations provided by iCure, the English version shall prevail.

2. INTELLECTUAL PROPERTY RIGHTS

The Content of the documentation stated on this Website is ours. All Marks, Content that concern iCure cannot be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever, without our express prior written permission.

Provided that you are eligible to use the Website, you are granted a limited license to access and use the Website and to download or print a copy of any portion of the Content to which you have properly gained access solely for your personal, non-commercial use. We reserve all rights not expressly granted to you in and to the Website, the Content, and the Marks.

3. USER REPRESENTATIONS

By using the Website, you represent and warrant that:

  1. All registration information you submit will be true, accurate, current, and complete; you will maintain the accuracy of such information and promptly update such registration information as necessary.
  2. You have the legal capacity, and you agree to comply with these Terms of Use.
  3. You are not under the age of 13.
  4. Not a minor in the jurisdiction in which you reside, or if a minor, you have received parental permission to use the Website.
  5. You will not access the Website through automated or non-human means, whether through a bot, script, or otherwise.
  6. You will not use the Website for any illegal or unauthorized purpose.
  7. Your use of the Website will not violate any applicable law or regulation.

4. PROHIBITED ACTIVITIES

You may not access or use the Website for any purpose other than that for which we make the Website available. The Website may not be used in connection with any commercial endeavors except those that are specifically endorsed or approved between you and iCure.

As a user of the Website, you agree not to:

  1. Publishing any Website material in any other media.
  2. Selling, sublicensing, and or otherwise commercializing any Website material.
  3. Publicly performing and or showing any Website material.
  4. Using this Website in any way that is or may be damaging to this Website.
  5. Using this Website in any way that impacts user access to this Website.
  6. Using this Website contrary to applicable laws and regulations, or in any way may cause harm to the Website, or to any person or business entity.
  7. Engaging in any data mining, data harvesting, data extracting, or any other similar activity in relation to this Website.
  8. Using this Website to engage in any advertising or marketing.

5. NO WARRANTIES

This Website is provided “as is,” with all faults, and iCure expresses no representations or warranties, of any kind related to this Website or the materials contained on this Website. Also, nothing contained on this Website shall be interpreted as advising you.

6. LIMITATION OF LIABILITY

In no event shall iCure, nor any of its officers, directors, and employees shall be held liable for anything arising out of or in any way connected with your use of this Website whether such liability is under this agreement. iCure, including its officers, directors, and employees shall not be held liable for any indirect, consequential, or special liability arising out of or in any way related to your use of this Website.

7. INDEMNIFICATION

You hereby fully indemnify iCure from and against any and/or all liabilities, costs, demands, causes of action, damages, and expenses arising in any way related to your breach of any of the provisions of these Terms.

8. SEVERABILITY

If any provision of these Terms is found to be invalid under any applicable law, such provisions shall be deleted without affecting the remaining provisions herein.

9. VARIATION OF TERMS

iCure is permitted to revise these Terms at any time as it sees fit, and by using this Website you are expected to review these Terms on a regular basis.

10. ASSIGNMENT

iCure is allowed to assign, transfer, and subcontract its rights and/or obligations under these Terms without any notification. However, you are not allowed to assign, transfer, or subcontract any of your rights and/or obligations under these Terms.

11. ENTIRE AGREEMENT

These Terms constitute the entire agreement between iCure and you in relation to your use of this Website and supersede all prior agreements and understandings.

12. GOVERNING LAW & JURISDICTION

These Terms shall be governed by and construed in accordance with the laws of Switzerland, without regard to its conflict of law provisions.

The parties shall attempt to solve the matter amicably in mutual negotiations. In case of a non-amicable settlement that has been found between the parties, the Court of Geneva will be competent.

13. PRIVACY

Please refer to our Privacy Policy and Cookie Notice for the Data that we collected from the contact form and the Matomo cookie.

IMAGE ATTRIBUTION

In the development of our website, we have incorporated various icons to enhance visual appeal and convey information effectively. We extend our sincere appreciation to the talented designers and contributors who have generously shared their work with the community. Below is an acknowledgment of the resources we have utilized:

SVG Repo: A repository SVG icons. We integrated their icons into our website. Specifically:

  1. Work by author vmware, Key Badged SVG Vector under MIT License
  2. Work by author Twitter, Cloud SVG Vector under MIT License
  3. Work by author Garuda Technology, Node Js SVG Vector and React SVG Vector under MIT License

Thanks to the authors who contributed to the: SVGRepo, Unsplash, Maxipanels community.

iCure features logos from various products, libraries, technologies, and frameworks that our project interacts with. It is important to note that iCure does not hold any proprietary rights to these logos or the products they represent.

iCure SA

Contact: contact@icure.com

Last update: February 20th, 2024.

Privacy Policy

www.iCure.com

iCure SA (iCure) is incorporated in Geneva, Switzerland, with a registered office at Rue de la Fontaine 7, 1204 Geneva, Switzerland registered in the commercial registry under CHE-270.492.477.

This Privacy Policy describes the information that we collect through our Website (https://www.icure.com), how we use such information, and the steps we take to protect such information. We strongly recommend that you read the Privacy Policy carefully.

BY VISITING THE WEBSITE, YOU ACCEPT THE PRIVACY PRACTICES DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT ACCEPT THE TERMS OF THE PRIVACY POLICY, YOU ARE DIRECTED TO DISCONTINUE ACCESSING OR OTHERWISE VISITING THE WEBSITE.

The original language of this Privacy Policy is English. In the case of other translations provided by iCure, the English version shall prevail.

This Privacy Policy is incorporated into and is subject to, the iCure Terms of Use.

1. Definitions

Administrative Data: means Personal Data such as the Name, Email, and Phone in order to perform administrative tasks like Invoicing or contacting the Client (if support is needed).

Cookies: means text files placed on a computer to collect standard internet log information and visitor behavior information. When you visit a website, they may collect information from a computer automatically through cookies or similar technology (for further information please refer to our Cookies Notice, visit allaboutcookies.org.).

Data controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Data processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Visitor: means the natural person that submits their Personal Data through our contact form; and/or sends us an email; and/or cookies have been implemented.

All other undefined terms used in this Agreement have the meaning from our Terms and Conditions and the General Data Protection Regulation of the Regulation (EU) 2016/679 of 27 April 2016 (GDPR).

2. Concerning your Personal Data

For this website, iCure collects and determines the use and the purpose of any Personal Data uploaded by the visitor, therefore iCure is defined as the Data Controller according to the GDPR.

2.1 Contact Form

iCure collects Administrative Data that the Visitor completed in our contact form available through our Website.

The Administrative Data that Visitor provides to iCure on this contact form are the First name, the last name, the working e-mail address, the name of your organization, and other Personal Data that the Visitor included in the description of its work.

iCure processes these Administrative Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR).

iCure uses these Administrative Data to perform administrative tasks like contacting the Visitor who completed the contact form, to better understand your needs and interests, and to provide you with better service.

2.2 Email

The Visitor can contact iCure through contact@icure.com to get any information about the Company or new job positions. In this email, the Visitor includes his Name, mail address, and any other Personal Data.

iCure processes these Personal Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR).

iCure uses these Personal Data to answer any request from the Visitor and to consider the Visitor’s job application that they sent us by email.

2.3 Newsletters

iCure offers newsletters to provide you with updates, promotional communications, and offers related to our products and services. If you wish to receive our newsletters, we will collect and process your Personal Data for this specific purpose.

iCure processes these Personal Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR). By subscribing to our Newsletters, you explicitly consent to the use of your Personal Data for direct marketing purposes, including the sending of promotional communications and offers by email.

If you do not want your Personal Data to be further processed for direct marketing purposes, you have the right to withdraw your consent at any time, free of charge and without having to provide any justification, by contacting iCure.

3. Security

iCure has implemented appropriate technical and organizational measures to safeguard your Personal Data against any accidental or illicit destruction, loss, modification, deterioration, usage, access, divulgation, and any other unauthorized processing of your Personal Data. We make every effort to protect personal information. However, you should always be careful when you submit personal or confidential information about yourself on any website, including our website.

4. The data retention period and the conditions for deletion

iCure will not retain your Personal Data, as collected, and processed in accordance with this Privacy Policy, for a period longer than necessary to fulfill the purposes described above.

For the Administrative Data from the contact form completed by the Visitor (as described in section 2.1 of this Privacy Policy), these Data shall be stored for a maximum period of 1 month from the completion of the form.

For the Personal Data from the Email completed by the Visitor (as described in section 2.2 of this Privacy Policy), these Data shall be stored for a maximum period of 2 months from the completion of the form.

For the Personal Data from the Newsletters completed by the Visitor (as described in section 2.3 of this Privacy Policy), these Data shall be stored for a maximum period of 11 months from the date of your consent or until you withdraw it.

5. Your rights

You are entitled to access your Personal Data processed by iCure and request their modification or erasure if it is incorrect or unnecessary. To exercise your rights, you may get in touch with iCure by using the electronic contact form available on our website or send a written and signed request to iCure at the email address privacy@icure.com with a copy of your ID or other identification documents, and any document proving that you are the data subject.

In general, where applicable, you also have the right to withdraw consent to the processing at any time. This withdrawal does not affect the lawfulness of processing based on consent made prior to such withdrawal. In certain cases, you also have the right to data portability. Those rights can be exercised by following the abovementioned procedure.

You have the right to lodge a complaint with a supervisory authority, in the Member State of the European Union of your usual place of residence, your place of work, or the place where the violation occurred, if you consider that the processing of personal data relating to you infringes Data Protection Law.

Please, note that the term of processing of such request can take up to one month. Contact: privacy@icure.com

6. Modification

iCure expressly reserves the right to modify this Privacy Policy and you undertake to regularly review the Privacy Policy. By amending the Privacy Policy, iCure will consider your legitimate interests. You will receive a notification if the Privacy Policy is modified. By continuing to actively use the iCure Services after such notification, you acknowledge that you have read the modifications to the Privacy Policy.

7. Information Sharing

Our employees and/or authorized contractors are the people in charge of the Data Processing.

iCure does not sell, rent, or lease any individual’s personal information or lists of email addresses to anyone for marketing purposes, and we take commercially reasonable steps to maintain the security of this information.

However, iCure reserves the right to supply any such information to any organization into which iCure may merge in the future or to which it may make any transfer in order to enable a third party to continue part or all of its mission.

We also reserve the right to release personal information to protect our systems or business when we reasonably believe you to be in violation of our Terms of Use and Privacy Policy or if we reasonably believe you to have initiated or participated in any illegal activity.

In addition, please be aware that in certain circumstances, iCure may be obligated to release your personal information pursuant to judicial or other government subpoenas, warrants, or other orders.

8. Links to other Websites

This Website may provide links to third-party websites (Instagram and Linkedin) for the convenience of our users. If you access those links, you will leave this website. iCure does not control these third-party websites and cannot represent that their policies and practices will be consistent with this Privacy Policy. For example, other websites may collect or use personal information about you in a manner different from that described in this document. Therefore, you should use other websites with caution and do so at your own risk. We encourage you to review the privacy policy of any website before submitting personal information.

9. Cookies

To get more information on how iCure uses Matomo’s cookies, please check our Cookie Notice.

10. Contact

Please contact us with any questions or comments about this Policy, your Personal Data, and our use and disclosure practices by email at privacy@icure.com If you have any concerns or complaints about this Policy or your Personal Data, you may contact our DPO at privacy@icure.com.

Please, note that the term of processing of such request can take up to one month.

iCure SA

Contact : privacy@icure.com

Last update: July the 26th, 2023.

Information Security Policy

www.iCure.com

1. Introduction

The iCure universe is built on trust. Guaranteeing the confidentiality of the data that are entrusted to us is our highest priority.

The Information Security Policy of iCure abstracts the security concept that permeates every activity and abides by the ISO 27001:2013 requirements for Information Security, so that we ensure the security of the data that iCure and its clients manage.

Every employee, contractor, consultant, supplier and client of iCure is bound by our Information Security Policy.

2. Our Policy

iCure is committed to protecting the confidentiality, integrity and availability of the service it provides and the data it manages. iCure also considers protecting the privacy of its employees, partners, suppliers, clients and their customers as a fundamental security aspect.

iCure complies with all applicable laws and regulations regarding the protection of information assets and voluntarily commits itself to the provisions of the ISO 27001:2013.

3. Information Security Definitions

Confidentiality refers to iCure’s ability to protect information against disclosure. Attacks, such as network reconnaissance, database breaches or electronic eavesdropping or inadvertent information revealing through poor practices.

Integrity is about ensuring that information is not tampered with during or after submission. Data integrity can be compromised by accident or on purpose, by evading intrusion detection or changing file configurations to allow unwanted access.

Availability requires organizations to have up-and-running systems, networks, and applications to guarantee authorized users’ access to information without any interruption or waiting. The nature of data entrusted to us requires a higher-than-average availability.

Privacy is the right of individuals to control the collection, use, and disclosure of their personal information. Our privacy policies are based on the GDPR(https://gdpr-info.eu/) and can be augmented by added requirements of specific clients or law areas.

4. Risk Assessment

The main threats iCure is facing as a company are:

  1. Data Theft;
  2. Data Deletion;
  3. Denial of Service attacks;
  4. Malware;
  5. Blackmail and Extortion.

As providers of a solution used by developers active in Healthcare, we also have to anticipate the risks of:

  1. Attacks on our clients’ data, which could lead to major social damages and a loss of trust in our solution;
  2. Abuse of our solution by ill-intentioned clients, that could impact the quality of the service provided to the rest of our clients.

The motivation of the attackers in the latter cases can range from financial gain to political or ideological motivations.

A last risk is linked to the nature of the healthcare data we handle. We must ensure, that the data we handle are not used for purposes other than those for which they were collected:

A piece of data collected from a patient for the purpose of a medical consultation should not be available to third parties, not even a government agency.

5. Risk Management

The main principles we apply to manage the risks we face are:

  1. Confidentiality by design: All sensitive data is encrypted end-to-end before being stored in our databases. We do not have any access to the data we store. Our client’s customers are the only ones who can decrypt the data we store.
  2. Anonymization by design: Healthcare information that has to be stored unencrypted is always anonymized using end-to-end encryption scheme. This means that the link between the healthcare and administrative information must be encrypted.

Those two principles allow us to minimize the risks of data theft, blackmail, extortion, and coercion by government agency.

  1. Multiple real-time replicas, with automatic failover: We use a distributed database architecture to ensure that our data is available at all times. We use a master-master architecture, each data is replicated at least 3 times. Snapshots are taken every day to ensure that we can restore the data in case of a malevolent deletion event.
  2. Automatic password rotations: no single password can be used for more than 48 hours. Passwords are automatically rotated every 24 hours. In case of a password leak, we can limit the window of opportunity for an attack.

Those two principles allow us to minimise the risks of data deletion, denial of service attacks, and malware.

  1. Minimization of the attack surface: we deploy our systems in the most minimal way. We only expose the network services that are strictly necessary.
  2. Strict dependency management: we only use open-source software that is regularly updated and audited by the community. We favor dependency management software and providers that minimize the risk of supply chain poisoning.

Those two principles allow iCure to minimise the risks of intrusion by vulnerability exploit or supply chain attacks, two risks that could lead to data theft or data deletion.

6. Further Information

This policy is valid as of November 10th, 2022. For futher information please connect with us at privacy@icure.com

Impressum

iCure SA

Rue de la Fontaine 7, 1204 Geneva, Switzerland

CHE-270.492.477

Website: https://icure.com/

Contact email: client@icure.com

Privacy request: privacy@icure.com

This website uses cookies

We use only one cookie application for internal research on how to improve our service for all users. It is called Matomo, and it stores the information in Europe, anonymized and for limited time. For more details, please refer to our and .

Cookie Notice

www.iCure.com

1. Cookies basic information

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology (for further information, visit allaboutcookies.org.)

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

2. Types of cookies

Types of cookies depending on the organisation managing them:

Own cookies: these cookies are sent to the user’s terminal from a computer or domain managed by the owner of the website from which the service requested by the user is provided.

Third-party cookies: these cookies are sent to the user’s terminal from a computer or domain not managed by the owner of the website from which the service requested by the user is provided, but by another organisation that processes the data obtained through the cookies. In addition, if the cookies are installed from a computer or domain managed by the Website owner but the information collected by them is managed by a third party, they will also be considered third-party cookies.

Types of cookies according to the length of time they remain active:

Session cookies: these cookies are designed to collect and store data when the user accesses a website. They are generally used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (for example, a list of products bought) and disappear when the user logs off or ends the session.

Persistent cookies: with these cookies, the data continue to be stored in the terminal and may be accessed and processed for a period defined by the person/entity responsible for the cookie, which may range from a few minutes to several years.

3. How and what cookies do we use

Strictly necessary/ functional cookies (these cookies are Mandatory): are essential to help you move around a website and use its features. They don’t collect information that identifies a visitor.

Analytical cookies (with your consent): collect information about how visitors use a website and help website owners improve site performance. They don’t collect information that identifies a visitor.

4. Cookies used on our website

Our web analytics open-source program, Matomo, uses two types of cookies for analyzing page usage: a session cookie ("MATOMO_SESSID") that lasts for 30 minutes and a persistent cookie ("_pk_id.xxx") that remains beyond the browsing session, allowing anonymous tracking of website usage for up to 13 months (without collecting personal information). Matomo temporarily stores user data, including IP addresses, on our server in anonymized form for evaluation before deletion. This data is solely used for our personnal analysis, with no sharing with third parties.

  • Host: Matomo
  • Cookie name: MATOMO_SESSID
  • Expiration: Session 30 min

  • Host: Matomo
  • Cookie name: _pk_id.xxx
  • Expiration: 13 months

For the purposes of analyzing website usage and to optimize its services. The legal basis for the use of Matomo is Article 6, 1 (a) of the GDPR (consent).

5. Users preference

The user can, at any time, allow, block or delete the cookies installed on his/her device by changing the settings on the browser installed on his/her computer:

  • Chrome Chrome Settings -> Advanced -> Privacy -> Content settings. For more information, consult Google support or your browser Help.
  • Explorer or Edge: Tools -> Internet options -> Privacy -> Settings. For more information, consult Microsoft support or your browser Help.
  • Firefox Firefox: Tools – > Options -> Privacy -> History -> Customised Settings. For more information, consult Mozilla support or your browser Help
  • Safari Safari Preferences -> Security. For more information, consult Apple support or your browser Help.
  • You will not access the Website through automated or non-human means, whether through a bot, script, or otherwise.
  • You will not use the Website for any illegal or unauthorized purpose.
  • Your use of the Website will not violate any applicable law or regulation.

6. Withdrawing consent

The user may withdraw his/her consent relating to the Cookies Policy at any time, and may delete the cookies stored on his/her device by adjusting his/her internet browser settings, as described above.

7. Cookie settings

This Cookies Policy may be modified when required by the legislation in force at any time or when there is a change in the type of cookies used on the website. For this reason, we recommend that you review this policy every time you access our website so that you are appropriately informed of how and why we use cookies.

8. Contact

Please contact us with any questions or comments about this Policy, your Personal Data, and our use and disclosure practices by email at privacy@icure.com

iCure SA

Contact: contact@icure.com

Last update: September 13th, 2023

Quality Policy

www.iCure.com

At iCure SA, we are committed to excellence in all aspects of our work. Our quality policy is designed to provide a framework for measuring and improving our performance within the QMS.

1. Purpose of the Organization

The purpose of the QMS is to ensure consistent quality in the design, development, production, installation, and delivery of Data processing, security, archival, technical support and protection solutions for medical device software, while ensuring we meet customer and regulatory requirements. The document applies to all documentation and activities within the QMS. Users of this document are members of the iCure Management Team involved in the processes covered by the scope.

2. Compliance and Effectiveness

We are committed to complying with all applicable regulatory and statutory requirements, including ISO 13485: 2016 and ISO 27001:2013. We strive to maintain and continually improve the effectiveness of our quality management system.

3. Quality Objectives

Our quality objectives are set within the framework of this policy and as defined by our Software Development Lifecycle and are reviewed regularly to ensure they align with our business goals. These objectives serve as benchmarks for measuring our performance and guide our decision-making processes.

4. Communication

We ensure that our quality policy is communicated and understood at all levels of the organization. We encourage every member of our team to uphold these standards in their daily work whether they are employees, contractors, consultants, suppliers, clients or any other person involved in building our medical data management software.

5. Continuing Suitability

We regularly review our quality policy to ensure it remains suitable for our organization. This includes considering new regulatory requirements, feedback from customers, and changes in our business environment. By adhering to this policy, we aim to enhance customer satisfaction, improve our performance, and contribute to the advancement of medical technology

iCure SA

Contact: contact@icure.com

Last update: April 17th, 2024