Skip to main content

One post tagged with "Hello"

Hello tag description

View All Tags

Secure By Design

· 3 min read
Tim Duncan
Tim Duncan
Chief Technology Officer
Mark Humphreys
Mark Humphreys
Solution Architect

Secure by Design is a proactive, security-focused approach to the design, development and deployment of products and services that necessitates a holistic organisational approach to security. Secure by Design requires threats to be considered from the outset through thoughtful design, architecture and security measures. Its core value is to protect privacy and data through designing, developing and delivering products and services with fewer vulnerabilities, and then ensuring security is maintained throughout their life cycle.

Why?

The Innowell platform houses critical data that, when compromised, may have severe impacts on individuals and organisations. Vulnerabilities – that could have been prevented – are increasingly resulting in people being impacted by data breaches. Now more than ever, it is crucial for Innowell and our clients to ensure the security of data is at the core of everything we do. At Innowell we use Secure by Design as the first step to ensuring that data stays secure.

Sharing responsibility for security.

Innowell is responsible for maintaining the integrity and security of the data it stores for its clients. We do this by:

  • implementing strict data access policies and strong security credentials for accessing that data
  • encryption of data at rest in our data centres
  • encryption of data in transit between the platform (both user interface and APIs) and the users
  • advising clients (and their integration partners) on the use of security standards and best practice

Clients (and their integration partners) are responsible for the integrity and security of data that it supplies and retrieves from the Innowell platform, but API or through the use of the user interface. They do this by:

  • sending only necessary, valid patient data to Innowell
  • ensuring any patient data is accessed safely and kept securely once it is retrieved from Innowell
  • implement best practice and standards for access and storing patient data
  • keep all credentials secure (including API keys) so that only authorised personel are allowed access to data

Prevention is better than cure.

Secure by Design aims for early detection of vulnerabilities and weaknesses through quality assurance and continuous testing. Innowell uses automation and repeatable processes to detect and resolve issues on a continual basis.

Found an issue?

If you detect or suspect an issue with the Innowell platform, please contact us immediately at api-support@innowell.org. Include any relevent information about this issue (steps to reproduce, screen captures, timelines, etc) and contact information so that we provide the fastest and most appropriate response.