Our security requirements are powered by MedStack, a leading privacy compliance platform built specifically for the needs of the digital health industry (https://medstack.co/
). MedStack provides secure, flexible, single-tenant cloud infrastructure, with pre-written, code-generated and real-time auditable privacy policies around complex frameworks. This includes alignment with the following frameworks:
Our application environment has been wrapped with all of the technical controls and safeguards required by today’s healthcare enterprise systems. Each element of our security architecture ties back to a specific policy of ISO 27001. These policies are then mapped to the corresponding privacy frameworks and industry standards where we operate.
We also leverage a third party privacy and security management company called Carbide (https://carbidesecure.com/
) which facilitates our alignment with nationally and internationally recognized privacy and security frameworks. Carbide also facilitates privacy and security training. All staff undergo rigorous security and privacy awareness training and are required to understand all policies surrounding safety of data. All training is repeated and tracked to ensure that all staff are up to date on security and privacy issues.
Virtual Hallway is also currently compliant with relevant Canadian provincial health care privacy acts including: PHIA (Nova Scotia), PHIPA (Ontario), and HIA (Alberta).