top of page
leynek-medical-high-resolution-color-logo copy.png

Security Policy

Security 

Leynek Medical is committed to keeping your data safe. Our platform is designed to ensure secure storage and processing of all information we interact with. Whether it’s personal health information (PHI), personally identifiable information (PII) or anything beyond, we’ve established extensive security and compliance policies and procedures to ensure that our client’s and user’s data remain protected.  

 

Leynek Medical is HIPAA compliant and executes Business Associate Agreements with customers and vendors as appropriate. 

 

Layers of Defense 

Leynek Medical’s infrastructure is protected by numerous layers of defense, known in the information security industry as a “defense-in-depth” strategy. Our security architecture and approach includes, but is not limited to, the following: 

  • At-rest data encryption using AES-256 

  • Automated region failover 

  • Auto-scaling capabilities 

  • Daily data snapshots 

  • Disaster and Recovery processes and procedures 

  • In-transit data encryption of SSL + TLS 1.2 or higher 

  • Intrusion detection and prevention systems 

  • Multi-factor authentication (MFA) 

  • Distributed Denial-of-Service (DDoS) mitigation 

  • Internal and external penetration testing 

  • Security patch management 

  • Secure software development lifecycle processes 

  • Security Information Event Management (SIEM) with anomaly and threat detection 

  • Vulnerability scanning 

  • Web Application Firewalls 

  • Additional security control information available on request 

 

Security Culture 

Every employee at Leynek Medical is dedicated to security and protecting our customer data in all that we do. We have a formal security program in place.  

 

All employees receive security training both as a new hire and regularly thereafter. Communication channels for any security or privacy issues or questions are always open for our employees and customers. We send out ongoing reminders to our staff about security issues, and in addition, regularly test our preparedness with phishing drills and other security exercises. 

 

Suspected Security Issues 

If you suspect a security issue or anyone in your family or organization’s Leynek Medical credentials may have been compromised, please contact Leynek Medical support at security@leynekmedical.com

 

If you are a security researcher who has potentially discovered a security weakness or vulnerability in Leynek Medical’s systems, please send an email to security@leynekmedical.com with information and we will provide information on how to provide a secure responsible disclosure. 

 

Data Protection & Privacy 

We ground our privacy commitments in strong data governance practices, so our customers can trust that we’ll protect the privacy and confidentiality of their data. Privacy is protected across Leynek Medical with built-in security designed to automatically stop threats before they reach our customers. 

Notice of HIPAA Privacy Practices 

Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We will maintain the privacy of your Health Information as required by HIPAA and the regulations set forth under that Act. We encourage you to carefully review our Privacy Policy. 

 

Version 1.0 

Last modified December 2023 

bottom of page