CareFor is now part of the CareLineLive family of software
Data Security and Privacy
CareLineLive provides extremely high levels of protection against loss of customers’ data due to malicious activity. At the same time, the historical uptime for our services is at 99.997% and we have robust backup processes and a strong disaster recovery plan.
Certified with internationally recognised standards
As a company we are ISO 27001 certified and are NHS Data Security Protection Toolkit and Cyber Essentials Plus compliant.
Safeguarding data against malicious activity
CareLineLive employs a multi-layered approach to protect customer data from malicious activities. These include:
- Web-browser based access such as ours is significantly safer than remote desktop environments which are notoriously insecure as they allow users access to the server’s operating system
- Strict network and application firewall policies with AI-assisted anomaly detection, to stop and identify any malicious activity
- Isolated network infrastructure, restricting the ability for worms to propagate
- Strong encryption used whenever data is transferred (in-transit) or stored (at rest)
- We have both automated as well as human-managed penetration tests that regularly test the vulnerabilities of the systems
Data Security and Privacy
Automated data backup and disaster recovery
Of course, it’s not right to assume that the worst-case scenario is not a possibility. In the event of a disaster event, we have the following mitigations in place to help us quickly recover:
Automated backups
Point-in-time-recovery backups enabled, allowing us to restore data back to a specific point in time; as well as regular full backups which are stored in a separate location
Rapid infrastructure replacement
‘Immutable’ infrastructure, allowing any service to be replaced in a matter of minutes
Standby server always available
Data is replicated to a standby server as soon as it is written, allowing us to failover to the standby server in seconds
Disaster recovery plan
A comprehensive and regularly tested disaster recovery plan, accessible to all staff
Continuous scanning for vulnerabilities
Continuous vulnerability scanning to detect and rectify any potential issues before an attacker does