LAST UPDATE: July 14, 2021
Byteflies’s mission is to make health care more personal, proactive, accessible, affordable and equitable, especially for people with chronic conditions. We do this by providing services that allow you and your healthcare provider to collect high quality and relevant medical data no matter where you are and for long periods of time. Byteflies provides these services to assist a healthcare provider in their decision making process. However, we do not provide direct medical advice or diagnostic decisions.
Although symbolic in nature, the Hippocratic Oath for Connected Medical Devices summarizes very well what principles we adhere to:
|Cyber Safety by Design|
We respect domain expertise from those that came before. We will inform design with security lifecycle, adversarial resilience, and secure supply chain practices.
We acknowledge that vulnerabilities will persist, despite best efforts. We will invite disclosure of potential safety or security issues, reported in good faith.
We foresee unexpected outcomes. We will facilitate evidence capture, preservation, and analysis to learn from safety investigations.
|Resilience and Containment|
We recognize failures in components and in the environment are inevitable. We will safeguard critical elements of care delivery in adverse conditions, and maintain a safe state with clear indicators when failure is unavoidable.
|Cyber Safety Updates|
We understand that cyber safety will always change. We will support prompt, agile, and secure updates.
Byteflies is an EU General Data Privacy Regulation (GDPR) and US Health Insurance Portability and Accountability Act (HIPAA) compliant company. We apply the more strict GDPR rules worldwide, including:
- The right to be informed about how the data was collected and why we use it
- The right to access and rectify your personal information
- The right to be forgotten
- The right to data portability
- The right to be notified if your personal information was in any way compromised
We regularly perform Data Protection Impact Assessments (DPIAs) for existing and new Byteflies Services. A DPIA is a process to systematically analyze and improve our ability to protect your data. Our public summary DPIA can be accessed here and is regularly revised.