SECURITY
Mediclinic is Ultra Secure
Security
Security is the single most important thing for everyone today. Mediclinic Software exceeds and respects the most stringent of security concerns. Our privacy policy states that the data always remains yours, we never on sell, use or disseminate data we store for any purpose other than hold this for you to operate your business or clinic.
Security Certificates
We use multi-layered security for all our websites and apps. This includes standard protections, such as SSL/TLS, EEC certificates and AES encryption. We want to do everything we can to protect this data so we go well beyond what is required. For instance, we use AES256 or AES512 for data stored in our systems. We ensure each customer's data is stored in its own secure database and there is no way to access data between these. We perform multiple extra checks to identify suspicious logins and enforce multi-factor authentication. We also limit the amount of data that can be requested and will revalidate connections before sending data back to you. We also only allow our two DevOps engineers access to the data with multi-party authentication. This prevents one of the most common forms of attack where a hacker steals the login details of an administrator. In all TELEHEALTH and chat messaging uses we also add the layers of End to End encryption which is designed for these specific purposes.
WHERE IS MY DATA STORED?
We store all of our software and data on MS AZURE Central Regions Servers, restricted to Government use for PROTECTED DATA - Classified. A Mouthful Yes! But that is how seriously we and the Government takes protection of health data seriously. There are no exceptions and too many software companies flaunt the rules.
Under every countries Privacy Laws there are VERY STRICT RULES in the legislation stating Health Data is subject to Data Sovereignty. This means Health Data cannot transit overseas under any circumstances if it has Government data attached. What is Government data? YOUR PATIENT DATA and your Provider number is Government data so if your current software company is not using the same standards and storages as us – THEY ARE NOT COMPLIANT WITH THE LAW
Government data
Government Data means all data and information (including Personal Information and Protected Information) generated by or relating to the Government and its functions (including data and information relating to the Government’s operations, assets, programmes, personnel, clients and customers) in whatever form that data and information may exist.
The Australian Privacy Act states that data can be stored overseas with Explicit consent but not PROTECTED GOVERNMENT DATA and the following is considered PROTECTED GOVERNMENT DATA and this is from 2017 and laws have been made more strict since then. Sadly too many software providers do not keep updated thinking because they do not have claiming gateways to the health department they are exempt from the rules. THEY ARE NOT - and they skirt their legal responsibilities.
-
European Data is stored in Netherlands
-
Germany as from January will be stored in Munich
United Kingdom data is stored in London
-
United States Data is stored in The United States.
Any Health Card or Medicare number, any concession card information, Health Insurance information or number, any provider number and so much more is considered Protected GOVERNMENT DATA. Don’t take our word, call Department of Health and get verification! We have written documentation, but we are restricted under law from sending or displaying this here.
As a Cloud Software Vendor for HEALTH DATA and programs, we have signed agreements with the Department of Human Services and various other Government agencies in other countries. Australian Government
Mediclinic software operates GLOBALLY and as such we have separate data bases for each country so if in Europe or Germany your data is stored locally on the same secure equivalent server structure that we employ in Australia. We also exceed and comply and ensure our services are provided from the Data centres in your country and we also have agreements in place with every country where we provide our services.
We are not able under the laws and agreements signed to provide these to you because that would mean the government is authorising our services above others and this is justified under unfair trading.
BACK UPS
Safer than a computer disc in your office or a backup you take home.
We backup every 15 seconds and send these backups to other secure servers authorised by Government so if there is anything that can go wrong we have this covered. We ensure nothing can go wrong but we take no chances.
DATA ENCRYPTION
We use the highest of security measures encrypting your data and using more than 167 other measures, as well as UNIQUE, AZURE security implementations for Central Regions Data centre storage clients.
Our data uses encryption methods that are targeted for Military use and we are always updating and improving on these with innovations that we know have such high standards. We exceed the encryption of AES 512 SSL Encryption in transit and at rest and storage keys are separated as well as images and documents on various secure servers so no compete set of data can be captured by Bad Governments or actors in the hacking sphere.
Data can always be hacked if you are connected to the internet. With the security features we employ, IT CANNOT EVER NEVER BE USED or configured to be used in any way. We ensure that with consistent penetration and systems testing we know we are more than secure so you will never have to worry. And on top of this you have the security of knowing we use the most advanced Secure Government Critical Data centres for our use. The secret of security is NOT to disclose what or how we do things and we do not just say TRUST US. We have signed Government agreements and store our data on Critical Government infrastructure servers. That is the highest commitment any company can make. Ask us for more information if you want to know more.
WE ARE APPROVED FOR CLAIMING
Mediclinic Software is approved for claiming and data security by the Australian Government Health Department who obtains the Defence Signals Directorate Authority and clearance before we are permitted onto The Azure Central Regions Servers. This is one of the many reasons why we are SECURE and you can entrust us with your data security and Privacy.
Australian Signals Directorate (ASD; until 2013: Defence Signals Directorate, DSD) is the Australian government agency responsible for foreign signals intelligence, support to military operations, cyber warfare, and information security.
Australian Signals DirectorateSECURING YOUR DATA
The data is yours & we respect that
You entrust us to secure your data and your patients too as well as notes, records and uploaded files. At all times we guarantee to exceed the highest of standards dictated or requested by all government authorities and we exceed those for any Privacy Legislation in place. The data remains yours at all times and never do we use or sell or give any parts to any person, company or authority. We do not use it for any marketing or any purpose. All we do is act as your Security and Storage agents.
We exceed every Privacy Law in operation in any country and we do not operate in countries deemed BAD ACTORS such as Nigeria, China, Russia ,North Korea as well as Iran and many others. You cannot even access our websites in these countries adding to security levels.
Mediclinic Software Security Policies staff and client policies for website.
Click on the link to download the security policy.
Security PolicyLINKED SERVICES
Sometimes we need to link services such as BlueSnap, TYRO, PayPal, banks and other payment methods. We have unique ways of dealing with this so they never see or can access your data. When we do link, for example credit cards you place in our system software these are uniquely stored in a way that every part is multiple encrypted and no one knows what it is. The amazing part of Technology!