Security
Application Security
Promptly provides a licensing SaaS Model, where all the service management (updates, upgrades, platform scalability) and the technical support are included in the license. The fulfilment of this document was performed based on the premise of being a SaaS model; we adapted some of the sections to adhere to this model.
At Promptly we believe that good security practices start with our own team, so all employees complete security awareness training annually.
Data Security and Privacy
Promptly follows a Privacy by Design (PbD) approach. Privacy by Design is embedded into the design and architecture of Promptly’s IT systems and business practices. User personal information and patient clinical data are stored in different physical database servers with segregated access policies. Data Analytics systems only has access to pseudo anonymized data by design.
All data in Promptly servers is encrypted at rest. AWS stores and manages data cryptography keys in its redundant and globally distributed Key Management Service (KMS).
