Contact Us

Our customer service team are always happy to hear from you!

Call: +44 (0)845 527 5994

Follow us on

Registered in England & Wales
Company No. 09213639
Partnering with Clinical experts across the industry who are at the forefront of their specialist areas.

 

© PathCloud Ltd 2019 - All Rights Reserved.

184 Cambridge Science Park Cambridge CB4 0GA United Kingdom

Security & Compliance

Keeping Data Safe & Patients Healthy

Security Statement

LAST UPDATED: MAY 9th, 2019

PathCloud values the trust that our customers place in us by letting us act as custodians of their data. We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices. Our Privacy Policy also further details the ways we handle your data.

Our Role

PathCloud Ltd is a ‘data processor’ for the purposes of data protection legislation. We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice.

Physical Security

PathCloud’s information systems and technical infrastructure are hosted within world-class, SOC 2 accredited data centers. Physical security controls at our data centers include 24x7 monitoring. The personal data that we collect from you will only be stored and processed by us within the United Kingdom.

GDPR & Compliance

PathCloud is committed to maintaining the trust and confidence of the users of our service. We respect their rights and are committed to protecting your privacy in accordance with Data Protection regulation and GDPR at all times. PathCloud Ltd is a ‘data processor’ for the purposes of data protection legislation and has appointed a data protection officer (DPO)

General Data Protection Regulation was enforced on 25 May 2018. The GDPR was designed tp unify data confidentiality laws across all European countries, to protect humans privacy, and offer better approaches to privacy data gathering, handling, and analyzing.

Access Control

Access to PathCloud’s technology resources is only permitted through secure connectivity (e.g. SSL) and requires multi-factor authentication. Our password policy requires complexity, expiration, and lockout and disallows reuse.

Personnel

PathCloud conducts background screening at the time of hire (to the extent permitted or facilitated by applicable laws and countries). In addition, PathCloud communicates its information security policies to all personnel (who must acknowledge this) and requires new employees to sign non-disclosure agreements, and provides ongoing privacy and security training.

Vulnerability Management and Penetration Tests

PathCloud maintains a documented vulnerability management program which includes periodic scans, identification, and remediation of security vulnerabilities on servers, workstations, network equipment, and applications. All networks, including test and production environments, are regularly scanned using trusted third party vendors. Critical patches are applied to servers on a priority basis and as appropriate for all other patches.

We also conduct regular penetration tests and remediate according to severity for any results found.

Development

Development, testing, and production environments are separated. All changes are peer reviewed and logged for performance, audit, and forensic purposes prior to deployment into the production environment.

Breach Notification

Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if PathCloud learns of a security breach, we will notify affected users so that they can take appropriate protective steps.

Your Responsibilities

Keeping your data secure also requires that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems.