Privacy & Security

At Karify we are committed to protecting your data. All data are encrypted when being send through or stored on well-secured servers. Medical data are only accessible by patients and after their permission, by a specific caregiver. In Karify, patients are the owners of their medical data. We have the responsibility to take good care of these data. A responsibility we take very seriously.

That is why we drafted the Karify Law:

 

Article 1:
You are the owner of your data. We do not publish or sell these data.

 

Article 2:
You can see all approved access to your information. When you share your medical data, you know with whom these are shared.

 

Article 3:
Karify makes use of algorithms to predict which information might be relevant for you. This happens without interference of our employees.

 

Regulations and certifications

Karify meets the strictest European privacy regulations and safety certificates.

 

SSL (Security Socket Layer: The Karify data connections run via SSL. This means that all sent information stays confidential and is illegible for third parties. You can recognize our SSL-security by the closed green lock and https:// at the start of the address bar.

 

ISO 27001: Karify meets the 27001 ISO-standard for information security. This standard sets specific requirements to the security measures of Karify’s hosting party. The ISO 27001 norm prescribes how security risks should be assessed and dealt with. Organizations granted with this certificate, must meet strict generic requirements.

 

ISO 27002: This declaration prescribes how information security must be implemented in an organization. The set up of the Karify system for information security management is assessed in relation to risk analysis, set standards and policy principles. On this basis, Karify measures up to a custom certificate regarding even stricter information security.

 

NEN7510: The NEN7510 standard applies specifically for organizations dealing with healthcare. This norm offers guidelines and basic principles for determining, setting and maintaining measures that a healthcare organization must take for securing the information facilitation.

 

Data storage

The patient is owner of his own data in the Karify health record. Patients keep their account and medical data free of charge. When a patient terminates his account or deletes the data, these will be saved for 3 months. Thereafter, the data will be destroyed. The practice or healthcare organization can get access to an overview of these data only with approval of the patient. Subsequently, the practice or healthcare organization is responsible for the data.

 

Patient data is stored via active encryption. All servers are secured by additional encryption. For user registration Karify uses a secured protocol. Registration data are stored in a secured database that is not connected to the Internet. In this database, data is stored encrypted. Therefore, Karify meets the highest privacy demands and regulations.

 

Considering performing your medical profession, Karify offers healthcare professionals the possibility to gain insight into all data related to the given care, on account of meeting the retention obligations of caregivers. Karify stores data as long as the patient or caregiver has a Karify account. You can delete your account yourself.

 

For more information about privacy, please read the Privacy and Cookie policy. If you have any other questions, please send an e-mail to questions@karify.com.