Couple receives eHealth on their phone

Privacy and security

Open and honest about the use of personal data

Having a video consultation with your family doctor, using your tablet to talk to the public health nurse about your medication, or sharing your blood pressure reading with the cardiac specialist over the internet - FocusCura products are used every day to provide real health care. For this reason, we place great importance on making sure that personal information is protected.   

You Always Own Your Personal Information   

You are the owner of your personal information. This means that you can ask to see or remove your personal information at any time. This applies to everyone - health care professionals, patients, clients, and caregivers.  

Before you begin using one of our products, we always ask if you agree to our terms and conditions of use and privacy policy. If any changes are made to the contents of these legal documents, we ask you again if you agree to them.   

We never sell your personal information to third parties.  

We only use your information to keep our apps and website running smoothly and to make improvements to them. This means, for instance, that we can send measurement data taken with cVitals to a doctor, send a video consultation to a nurse, or discover and immediately resolve a malfunction.  

Storage and Access  

Storage in the EU

The servers that FocusCura uses to store personal information are located in EU data centers. The servers have ISO 27001 certification, which means that they meet extremely strict security standards.

Once personal information is no longer needed, we never save it longer than seven years. We always delete personal information upon request.

Limited Access  

As part of standard procedure, FocusCura employees cannot access the database where personal information is stored. A few developers and the Data Protection Officer can access this database. This is necessary in order to ensure the continued development and improvement of the products and systems. These developers and the Data Protection Officer are obliged to observe confidentiality.

Partners and Privacy  

In addition to our proprietary applications, we use software from third parties in order to provide the best service, known as SaaS (Software as a Service) solutions. We have entered into agreements with these companies that fulfill the strict requirements of the European Union in regards to data. We also make sure that these companies handle personal information in accordance with Dutch law.  

We do not send any personal information to other applications, only completely anonymized information..   

We use the following services:  

  • Mandrill for sending e-mails   

  • Mailchimp for managing e-mail lists   

  • VSee for video chats   

  • Cisco Spark for video chats

  • Amazon Web Services for general cloud services

  • Withings and iHealth for collecting values such as heart rate, blood pressure, weight, and glucose levels (only with the user's permission)  

  • Google Analytics for analyzing usage data   

  • Apple HealthKit for obtaining and saving health information (only with the user's permission)  

  • Apple Push Notification Server for sending push notifications (only with the user's permission)  

  • Google Push Notification for sending push notifications (only with the user's permission)  

  • Hotjar for improving usability

  • Salesforce for managing client and user information

 

Quality and Quality Marks   

FocusCura is certified for information security under ISO 27001 and quality management under ISO 9001. The product cVitals has CE marking as a Medical Device Class I. The product cContact is not a medical device as it is defined by law and therefore does not require CE marking.   

Backup System  

The infrastructure of our products and services is actively monitored and is implemented with a full backup, so that in the unlikely event that something goes wrong there is always a second system that can take over. We are unable to guarantee 100% uptime, but over the last twelve months the uptime was 99.99%.

Technological Security Measures  

We have implemented various technological security measures to ensure that personal information is transmitted and stored safely. These measures include:

  • always transmitting data over HTTPS (SSL)  

  • requiring the use of strong passwords  

  • using firewall-protected servers (and backup servers)  

  • storing FocusCura data in the EU on certified servers with ISO 27001 certification  

  • ensuring that long-term local storage of data on telephones or tablets occurs as infrequently as possible and, when this is unavoidable, encrypting the data  

  • logging and monitoring abnormal activities  

  • controlling access to the Dutch data center through the use of badges and ensuring that the Dutch data center is guarded 27/7 by security personnel, closed-circuit cameras, monitoring, infrared sensors, and a central control room  

  • and more 

Want to know everything in detail?

Download the document 'Security and privacy overview FocusCura'.