Our Commitment: Protecting Your Data

Data plays a critical role in healthcare for measuring performance and is essential for continuous improvement. This is why it is important that it is kept in a safe place. At Petal, cybersecurity is of the utmost importance.

The data used via Petal’s solutions remains the customer’s property. They are replicated and hosted in a location that meets your requirements.

• Encryption in transit using TLS 1.2 or higher
• SSAE-16-certified hosting
• Encryption at rest with minimum AES-256 encryption settings with TLS 1.2 connections (SHA-256 with RSA encryption)

We have several procedures in place that meet high standards and even exceed legal requirements in each jurisdiction in which we operate.

Our customers can have full control and determine the type of permission and role assigned to users.

In order to protect personal health information, the Petal platform does not permit backup to local or personal device.

We follow the healthcare industry’s best practices to meet security needs.

Microsoft Azure
In order to provide foolproof security, maximum privacy and the best protection against cybersecurity threats, the Petal platform is hosted on reputable Microsoft Azure cloud servers.

Microsoft Azure complies with the highest security standards as well as several international standards and certifications such as ISO/IEC 27001: 2013, ISO 27018, HDS, FedRAMP, SOC 1, 2 and 3, PCI DSS, and HIPAA.

To counter potential vulnerabilities, we deploy the full force of our perfectionism. We maintain state-of-the-art security policies and controls. This covers internal processes such as IT management of applications, authentication and access to infrastructure.

External processes are also controlled, in particular the management of suppliers and subcontractors.