Your info is yours and yours alone. That is why we prioritize protecting your sensitive data and ensuring its safety and security throughout its journey from the device to your mobile phone and on to our secure cloud storage. This includes protections such as encryption, secure cloud storage, permission-based access, regular backups, and periodic intrusion testing. Furthermore, it is critical to follow best practices and comply with relevant regulations, such as HIPAA for healthcare-related data, GDPR, and the ISO 27001 standard.
CardioMood secures your health data using independently validated end-to-end encryption and zero-access encryption, both on the Bluetooth connection between the device and the phone and in the cloud. This safeguards against data breaches and ensures that no one (including CardioMood) has access to your data unless you choose to share it.
CardioMood is established and located in Switzerland, which means that all of your data is secured by stringent Swiss privacy regulations and Swiss neutrality.
The Health Insurance Portability and Accountability Act, or HIPAA, covers data protection policies and standards in the US healthcare system, specifically for the protection of health information. HIPAA establishes privacy and security criteria such as physical, technical, and administrative safeguards. HIPAA is intended to preserve the confidentiality, integrity, and availability of health information while also respecting individuals’ rights to privacy and control.
CardioMood is completely GDPR compliant, which means that we adhere to the standards outlined in the General Data Protection Regulation (GDPR) to secure individuals’ personal data within the European Union (EU). When it comes to health data, GDPR demands that it be recognized as a distinct category of data that requires additional safeguards. Overall, GDPR establishes stringent rules for the processing, storage, and transfer of personal data, including health data, in order to preserve individuals’ privacy and data control.
ISO 27001 is a widely accepted international standard for information security management systems. While ISO 27001 focuses on information security, it also includes controls for protecting the privacy of personal information. Compliance with this standard helps CardioMood manage privacy risks, comply with data protection rules, and preserve the confidentiality, integrity, and availability of personal health information.