Security

At Heydoc, security is not a feature. It’s cultural.

Access to the system & disaster recovery

As Heydoc is cloud-based, you can access your data from anywhere and from any device, as long as the device is connected to the internet.

The site is also optimised for mobile devices. This means that access to the system and to the data is not dependant on your location or the device you are using. Hence, in the event of a disaster (e.g. fire, flood, etc.), you will still be able to access the system and your data from any location with an internet connection, and be up and running with full access to patients’ files and information immediately. You can also download your data directly from the system in order to create as many of your own backups as you would like.

Two-factor authentication

Two-factor authentication adds an extra layer of security to Heydoc at login.

If activated, you will not only require your password when logging in, but also a login code generated on your smartphone to access your account. This significantly increases the security of your heydoc account.

Role based access

All access to Heydoc is via password which should be regularly updated.

Heydoc’s inbuilt security system only allows those with administrator rights to manage access for any other users of the same organisation. The system administrator is the only one able to select the roles of other users. Some roles have limited or no access to patient data, medical records or financial information, therefore allowing access to any confidential information for only selected authorised users. The system administrator is able to instantly block or allow access to the system at any time from any internet connected device.

Data storage and transfer

Your data is physically stored on servers which have achieved the highest level of security certification, as used by banks and government services.

Our servers are located in London, United Kingdom. Only a very limited number of authorised staff from Heydoc Limited can access these servers. Data is replicated continuously, with multiple copies stored between security centres to ensure immediate failover. Data in transfer is fully encrypted using the most secure cryptographic technologies available (256-bit level of encryption). This means that when you access your data via the internet the heydoc server will negotiate a secure link with the end user via a process called SSL. This is the same technology used for online banking and credit card transactions and is known to be the most secure system available.