Security Policy
Security
Leynek Medical is committed to keeping your data safe. Our platform is designed to ensure secure storage and processing of all information we interact with. Whether it’s personal health information (PHI), personally identifiable information (PII) or anything beyond, we’ve established extensive security and compliance policies and procedures to ensure that our client’s and user’s data remain protected.
Leynek Medical is HIPAA compliant and executes Business Associate Agreements with customers and vendors as appropriate.
Layers of Defense
Leynek Medical’s infrastructure is protected by numerous layers of defense, known in the information security industry as a “defense-in-depth” strategy. Our security architecture and approach includes, but is not limited to, the following:
-
At-rest data encryption using AES-256
-
Automated region failover
-
Auto-scaling capabilities
-
Daily data snapshots
-
Disaster and Recovery processes and procedures
-
In-transit data encryption of SSL + TLS 1.2 or higher
-
Multi-factor authentication (MFA)
-
Distributed Denial-of-Service (DDoS) mitigation
-
Security patch management
-
Secure software development lifecycle processes
Security Culture
Every employee at Leynek Medical is dedicated to security and protecting our customer data in all that we do. We have a formal security program in place. 
All employees receive security training both as a new hire and regularly thereafter. Communication channels for any security or privacy issues or questions are always open for our employees and customers.
Suspected Security Issues
If you suspect a security issue or anyone in your family or organization’s Leynek Medical credentials may have been compromised, please contact Leynek Medical support at security@leynekmedical.com.
If you are a security researcher who has potentially discovered a security weakness or vulnerability in Leynek Medical’s systems, please send an email to security@leynekmedical.com with information and we will provide information on how to provide a secure responsible disclosure.
Data Privacy & Protection
We ground our privacy commitments in strong data governance practices, so our customers can trust that we’ll protect the privacy and confidentiality of their data. Privacy is protected across Leynek Medical with built-in security designed to automatically stop threats before they reach our customers.
Notice of HIPAA Privacy Practices
Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We will maintain the privacy of your Health Information as required by HIPAA and the regulations set forth under that Act. We encourage you to carefully review our Privacy Policy.
Version 1.0
Last modified March 2023