Data & Privacy Policy
1. General
At GoMedic24, your privacy and the security of your information are our top priorities. We are fully committed to safeguarding your data and maintaining your trust. Our team works diligently to ensure your information is secure. If you have any questions about our security practices, feel free to reach out to us at Privacy@gomedic24.com, and we will respond as quickly as possible.
2. Keeping Data Confidential
We enforce strict access controls for our employees regarding user data. We have implemented technical controls and auditing policies to ensure the confidentiality, integrity, and availability of your data. All employees and contractors handling user data are bound by our policies, and we treat these matters with the utmost importance.
3. Privacy and Security Training
At GoMedic24, we provide ongoing training to all employees to emphasize the importance of privacy and security. This includes training on the Health Insurance Portability and Accountability Act (HIPAA) and other relevant state and federal regulations. We also ensure that all employees receive annual data security training, regardless of their position.
4. Certifications and Audits
GoMedic24 works with external experts to maintain high security standards and practices. We perform regular penetration testing and conduct annual HITRUST and SOC 2 Type II audits to assess our security measures.
5. Data Encryption
We use industry-standard technology to protect your data. Our platform employs full volume encryption on all data stored at rest, with secure backups and comprehensive backup policies. Data is transmitted securely via Transport Layer Security (TLS) over HTTPS.
6. Secure Storage
GoMedic24 utilizes secure cloud computing solutions, including Amazon Web Services (AWS), to store data in highly secure facilities, both physically and electronically. For more information on AWS’s security accreditations, please refer to their Compliance Programs page.
7. Network Protection
In addition to advanced system monitoring and logging, we apply strong administrative identity controls, authorization, accountability, and authentication, including multi-factor authentication. We also use intrusion prevention and detection systems to protect our platform.
8. Vulnerability Management
Our vulnerability management policy includes both internal and external testing, with third-party penetration testing conducted annually. This process helps us identify and remediate potential risks to our platform and data.
9. Logging and Monitoring
GoMedic24 operates a comprehensive security information and event management (SIEM) system. We maintain centralized logging, monitoring security events, access, availability, and other platform metrics. Our team regularly reviews logs and responds promptly to alerts.
10. Incident Management & Response
GoMedic24 has established policies and procedures to manage security incidents. In the event of a security breach, we notify users if unauthorized access to their data occurs, as required by applicable state laws.
11. Product Security Practices
All new features, functionalities, and design changes undergo a security review process by the GoMedic24 development team. We use automated static analysis tools, and our teams conduct peer reviews of code before deployment. Our Information Security team works closely with the development team to resolve any security concerns that arise during development.
12. Vendor Management
GoMedic24 operates a vendor management program that involves our Legal and Information Security teams in evaluating all third-party vendors, service providers, and partners. We assess each vendor to ensure they meet GoMedic24’s rigorous security and legal standards.
13. Disaster Recovery
We have a disaster recovery plan in place to support business continuity. This plan is developed following industry best practices and high-availability engineering principles.
14. Have Questions or Comments?
If you have further questions, please contact us at Privacy@gomedic24.com.
15. Learn More
Privacy Policy: Our agreement that explains how we collect, use, and share your data.
Terms of Use: Details your rights, responsibilities, and relationship with GoMedic24 and our providers.
Acceptable Use Policy: Guidelines on appropriate use of GoMedic24 services.