Rest assured we have you covered with our robust data security measures
The hayylo customer experience platform is all about the sharing of information. We connect care providers with their customers via the cloud, so it's important that customers' personal information, and other data from your organisation, remains completely private and confidential. When it comes to your organisation's data, hayylo employs strict protocols to mitigate technological, physical and human risk factors.
Technological security
Data is hosted on Amazon Web Services (RDS & S3)
Database is replicated synchronously, so we can rapidly recover data should the need arise
Web connections to the hayylo service are via TLS 1.2 and above
Databases and transaction layer are encrypted end to end using 2048-bit encryption
hayylo employees have restricted data access based on employee role
Laptops and workstations are secured via full disk encryption and centrally managed
machines and monitor workstations are regularly updated for malware
Customers and organisation staff must authenticate with hayylo prior to accessing the platform and app. Access is centrally controlled so that, for example, one client or family cannot access any other client or family information.
Physical security
Data is hosted in Australia in secure SSAE 16 audited data centres
Our office is secured via keycard access which is logged
Staff must screen lock devices when unattended, automatic screen locking occurs after 5 minutes of inactivity
Data governance
Our Data Access Policy outlines corporate security measures and employee obligations. hayylo employees sign non-disclosure agreements and are only able to access information based on their job function and role. Data is processed in Australian data centres - so data remains subject to Australian law.
In today's technologically complex landscape, managing personal health information demands stringent security and privacy standards. That's why at hayylo, protecting your data is our highest priority.
