Last Updated: May 2024

Data & Security

We are absolutely committed to the security of our platform and the protection of data.

Data Protection

We recognise the critical importance of keeping patient data confidential and secure, and being transparent about the uses to which it is put. Cydar uses the minimum amount of identifiable data required for safe and effective operation. We do not share this data with third parties.

Cydar complies with the applicable provisions of Article 28 of the EU GDPR relevant to data processing activities that define Cydar as a data processor. As Controller of the anonymized data it processes, Cydar complies with the provisions of Article 24 with acknowledgement to the relevant Recitals of the EU GDPR and HIPAA in the USA.

Cydar has GDPR integrated into its Information Security Management System. Cydar’s GDPR compliance is within the scope of Cydar’s ISMS, external audit and ISO 27001 certification.

Information Security

Cydar takes information security seriously. We strive to make our systems as secure as possible through design, technology choices, secure development practices, and continuous updates and monitoring. Our software undergoes regular internal and third party testing, and our systems are audited annually as part of our ISO 27001 certification.

If you have a security question about Cydar’s products or services, or you believe you have identified an issue, please email [email protected]. If you have questions or concerns regarding data protection and Cydar products and services, please email [email protected].

Data Charter

This charter reflects Cydar’s commitment to its duties and responsibilities in relation to the access to and use of personal data. Meeting our data protection responsibilities forms part of our core values and we apply the highest standards of care with all information entrusted to us. We aim to provide our customers, partners and patients in their care with confidence and peace of mind on this topic.
 

  1. Comply with data protection legislation in all territories in which we operate and manage the use of data ethically.
  2. Protect the privacy and rights of patients and customers.
  3. Only use Personal Data to the extent necessary for direct clinical care of the relevant patient.
  4. Innovate for the benefit of patients.
  5. Ensure Customers retain control of their data.
  6. Strive to ensure security in an ever-changing world.
  7. Promote transparency and trust with patients, customers, and partners.