LAST UPDATE: August 28, 2020
Byteflies is a medical device and services company, and we take that responsibility seriously.
In practice, that means we commit to a number of data security principles for all our devices and services, as introduced by I am the Cavalry in their Hippocratic Oath for Connected Medical Devices:
|Cyber Safety by Design|
We respect domain expertise from those that came before. We will inform design with security lifecycle, adversarial resilience, and secure supply chain practices.
We acknowledge that vulnerabilities will persist, despite best efforts. We will invite disclosure of potential safety or security issues, reported in good faith.
We foresee unexpected outcomes. We will facilitate evidence capture, preservation, and analysis to learn from safety investigations.
|Resilience and Containment|
We recognize failures in components and in the environment are inevitable. We will safeguard critical elements of care delivery in adverse conditions, and maintain a safe state with clear indicators when failure is unavoidable.
|Cyber Safety Updates|
We understand that cyber safety will always change. We will support prompt, agile, and secure updates.
In addition, Byteflies is an EU General Data Privacy Regulation (GDPR) and US Health Insurance Portability and Accountability Act (HIPAA) compliant company. We apply the more strict GDPR rules worldwide, including:
- The right to be informed about how and why we use your personal information
- The right to access your personal information
- The right to rectify your personal information
- The right to be forgotten
- The right to data portability
- The right to be notified if your personal information was in any way compromised