Digital Wound Management
Technical Fact Sheet
Security and compliance
We have implemented a comprehensive risk-based security approach to all aspects of our business activities. Our security program is based on the NIST Cybersecurity Framework in conjunction with the ISO 27001 Information Security Management System standard and adjusted to comply with relevant cybersecurity and privacy laws and regulations.
We are HIPAA compliant, covering both patients’ privacy rights and the secure mechanisms that protect them.
We are ISO 27001 certified by an external party, ensuring that we operate the company using a security-based approach.
We are GDPR compliant, focusing on people’s privacy rights and assuring that sensitive data is properly managed.
Our Quality Management System complies with FDA 21 CFR Part 820, EN ISO 13486:2016, and the EU Medical Device Directive 93/42/EEC.
Our infrastructure is hosted and operated over secured platforms while implementing OS hardening and restricted access as part of a defence-in-depth approach.
All data is encrypted at-rest and in-transit using strong encryption protocols.
a. Data encrypted in-transit (HTTPS, TLS 1.2).
b. Data encrypted at-rest (AES-256).
We evaluate our products’ security posture using industry-standard scanning tools and remediate high-risk vulnerabilities as fast as possible.
Service availability, backup, recovery, and maintenance
We offer comprehensive structured data integration allowing standard EMRs to consume all data collected in the observation and analysis phases. We support standard HL7 and FHIR data structures.
We support single sign-on using Auth0 2.0, SAML, ADFS, SMART on FHIR and similar technologies.
We allow an easy test-and-scale approach by providing an end-to-end system with a mobile app and a web-based portal, and by supporting export of the visit summary as a user-friendly PDF.
Application device compatibility
Our native application supports both iOS and Android devices that meet the below criteria.