Data Security Statement & AI Governance Principles

Setting the standard in data security and AI governance

We take our data security obligations very seriously. We are endorsed by industry bodies and committed to ethics and integrity, with data security at our core. Our tools are SOC2, GDPR and HIPAA compliant.

All client data is stored onshore, in Australian data centres. All client work is delivered through our law firm, Ethika Law, compliant with the required standards for practice management. We are held to the standards of the Law Societies in each jurisdiction in which we operate. All documents and correspondence are confidential and privileged.

We have voluntarily implemented a governance framework around our use of AI so you can be assured it is responsible and safe.

Your reputation and our reputation are of the highest importance to us.

Set out below you'll find details on the technology we use and the data security measures associated with each. Please do reach out to hello@ethikagroup.com.au with any questions.

Ethika AI Governance Principles

Data Security

Ethika uses the following applications to provide its services. The data security for each is detailed below.

Practice Management System

Our practice management system (PMS) security measures include a dedicated security team, continuous monitoring, and stringent employee protocols. Compliance with GDPR, PCI, HIPAA, and SOC2 is ensured. Security is reinforced through regular tests, daily malware scans, and robust encryption for data in transit and at rest. Its infrastructure features automatic backups, geo-redundancy, and secure hosting options. Advanced features, including role-based permissions, two-factor authentication, and session tracking, further protect data.

Document Management System

Our document management system (DMS) places a strong emphasis on data security, employing robust measures such as AES 256-bit encryption for data during storage and transit. Granular access controls ensure that only authorised users have specific permissions, enhancing overall data privacy. It adheres to rigorous industry standards including GDPR, HIPAA, SOC 2, and ISO 27001.

Continuous monitoring and auditing of its systems enables proactive threat detection and response, minimising the risk of unauthorised access or breaches. Our DMS facilitates secure collaboration through detailed access logs and version history, and integrates securely with external platforms via robust APIs and adherence to stringent security protocols.

Notetaker

Our notetaker adheres to stringent data security protocols to ensure the confidentiality and integrity of all recorded information. Data security measures include robust commercial data protection, using authentication, encrypting data in transit and at rest, and not retaining prompts or responses. It doesn't use chat data for training models, maintains compliance with GDPR, and processes data in global data centres. Organisational data is only accessed when explicitly provided by users and is discarded after the session. The notetaker aligns with Ethika's responsible AI principles. Access to the notetaker is restricted through multi-factor authentication and role-based permissions, ensuring that only authorised personnel can view or edit the content.

HyperDox

SOC Compliance Assurance

As a testament to our adherence to the AICPA auditing standards, our partners' SOC reports demonstrate our commitment as a service organisation to uphold the highest standards of practice. We not only comply with these standards but also strive to continually enhance our practices. Our dedicated and driven team of professionals prioritises security and compliance in all their actions. This not only ensures we meet industry standards but also provides our clients with the assurance that their data is handled with the utmost care and protection.

World-Class Microsoft Azure Cloud Infrastructure

Our infrastructure is hosted on Microsoft Azure, a globally recognised and certified cloud platform that guarantees service availability for its applications. This ensures a 99% availability rate for all our users. Our data centres are located in Australia East with replication to Australia Central.

Data Backups, Disaster Recovery, and Business Continuity

Our servers and services are replicated across different zones to ensure data redundancy. This is further complemented by daily and hourly backups of database servers and daily backups of file servers, providing a robust disaster recovery and business continuity plan.

Encryption and Firewall Protection

Our databases are encrypted using AES-256 standards, and PII data is encrypted using certificate keys. File systems are secured with Azure Encryption, and data in transit is protected with TLSv1.2.

Our infrastructure is secured with various tools and processes, including top-tier endpoint protection suites, perimeter protection with WAF, and Next-Gen Firewalls. We conduct continuous vulnerability scanning for our systems to ensure the health of our services, infrastructure, and applications.

Restricted Network Access for Internal Services

We limit network access to specific networks hosting clients that require access, thereby reducing the exposure of your resources to network attacks. This policy is enforced through a combination of firewall rules, IP address restrictions, and network access control lists. Firewall rules are configured to only allow traffic from authorised networks. IP address restrictions are used to block traffic from IP addresses that are not associated with an authorised network. Network access control lists are used to further control which networks can access specific parts of our network.

Azure Virtual Network and Storage Encryption

We configure firewall rules to restrict access to your storage account to requests originating from specified IP addresses or ranges, or from a list of subnets in an Azure Virtual Network (VNet). Azure Storage encryption is enabled for all storage accounts, ensuring your data is secured by default without the need for code or application modifications.

Network Access Control

Access to the hosting environments is granted to a select few members of the Ethika operations team, only after they have successfully completed a background check, security awareness training, and acknowledged privacy and confidentiality agreements. Access is facilitated through a multi-factor VPN or Private Proxy connection. Additional authentication, authorisation, and accounting are implemented through standard security mechanisms, ensuring only approved operations and support engineers have access to the systems.

Network Bandwidth and Latency

HyperDox leverages the Azure network infrastructure to provide low-latency network availability between the Services and end users. The Azure infrastructure is strategically designed around regions and availability zones, each equipped with redundant power, networking, and connectivity in separate facilities. This design offers high availability, fault tolerance, and scalability, surpassing what a single data centre can provide. We actively monitor applicable networks and promptly address internal issues that may impact availability.

Security-Focused Maintenance

Our operations and development teams, in conjunction with our Information Security department, carry out security-related change management and maintenance. These changes are typically invisible to the client and are implemented during scheduled maintenance windows to minimise downtime. This includes new system builds at the data centres, as well as patches and updates.

Azure Storage Encryption

We employ Azure Storage encryption for all storage accounts, including both Resource Manager and classic storage accounts. This encryption cannot be disabled, ensuring your data is secured by default. This eliminates the need for you to modify your code or applications to take advantage of Azure Storage encryption.

Dedicated Infrastructure

HyperDox prioritises data and security. It offers all customers Enterprise Microsoft Azure and dedicated computing with OpenAI infrastructure. This ensures durability, security, reliability, and speed, which are not available on standard GenAI infrastructure.

Cyber Security

Data Security Policy

Ethika is committed to ensuring the highest level of data security for our clients. Our data security policy encompasses robust measures to protect sensitive information from unauthorised access, breaches, and other cyber threats. We adhere to industry-standard protocols, including encryption, multi-factor authentication, and regular security audits, to safeguard data integrity and confidentiality. Our team is continuously trained on the latest security practices and is dedicated to maintaining a secure environment for data processing and storage. By adopting a proactive approach to data security, Ethika ensures that our clients can trust us with their critical information, enabling them to focus on their core business objectives with confidence.

Cyber Security Policy

Ethika AI's cybersecurity policy is designed to protect our clients and our operations from evolving cyber threats. We implement comprehensive security protocols, including advanced firewalls, intrusion detection systems, and continuous monitoring to detect and mitigate potential threats in real time. Our policy mandates regular vulnerability assessments, penetration testing, and the application of security patches to address emerging risks. Employee training on cybersecurity best practices is conducted to ensure vigilance against phishing, malware, and other cyber attacks. By adopting a multi-layered defence strategy and staying ahead of the latest cybersecurity trends, Ethika AI is committed to providing a secure and resilient platform for our clients' peace of mind.

Document Retention and Destruction Policy

Ethika's document retention and destruction policy is designed to manage the information lifecycle with utmost efficiency and security. Our policy outlines strict guidelines for the retention, storage, and disposal of documents, ensuring compliance with legal and regulatory requirements. Documents are classified based on their sensitivity and importance, with retention periods defined accordingly. We employ secure storage solutions to protect documents from unauthorised access and environmental damage. When documents reach the end of their retention period, they are destroyed using secure methods, such as shredding or digital data wiping, to ensure complete and irrecoverable disposal. Ethika's commitment to meticulous document management ensures that our clients' information is handled responsibly and securely throughout its lifecycle.