Digital Pharmacy

DigitalPharmacy.io’s Commitment to Data Security & Privacy

As a pharmacist or a health store owner, you handle sensitive customer data. To support you in maintaining compliance with data protection regulations such as HIPAA, GDPR, and DISHA, we follow stringent guidelines and provide the necessary tools and agreements.

Key Areas of Focus:

1. Encryption at Rest  

Encrypted with AES-256 encryption for data at rest.

2. Encryption in Transit

TLS encryption for data in transit to protect data during transmission.

3. Role-Based Access Control (RBAC)

Implemented RBAC mechanisms to restrict access to customer health data.

4. Privacy by Design and Default

Implemented encryption, data minimization, access controls, and user privacy options.

5. Secure Protocols and APIs

Use of secure protocols and APIs, such as HTTPS, for data transmission.

6. Cybersecurity Practices

Prevention of intrusions and prompt response to issues.

Health Insurance Portability and Accountability Act (HIPAA) compliance

Data Encryption

Our platform is encrypted with AES-256 encryption for data at rest to protect patient information from unauthorized access or breaches. 

✅ No Action Required

TLS Encryption for Data in Transit

We utilize TLS encryption for data in transit to protect data during transmission between users and servers.

✅ No Action Required

Access Only to Authorized Users

Only authorized users can access sensitive data. You can manage access rights for your pharmacy staff through your admin portal, ensuring they only view or edit data they are permitted to access.

⚠️ Your Action Required

Business Associate Agreement (BAA)

We provide you with a ready-to-sign BAA, ensuring compliance and safeguarding sensitive details.

No Action Needed

Data Processors and Data Controllers

DigitalPharmacy.io acts as the data processor, while you are the data controller, giving you control over how data is processed.

No Action Needed

Data Backup and Recovery

We provide mechanisms for regular data backups and ensure recovery processes are in place in case of data loss or system failures.

No Action Needed

Employee Training

You must provide comprehensive HIPAA training to all your employees on a regular basis. Ensure your staff are aware of their responsibilities in safeguarding PHI.

⚠️ Your Action Required

Data Protection Officer

DigitalPharmacy.io has appointed a Data Protection Officer (DPO) who handles inquiries from your clients regarding processing their personal data.

No Action Needed

Secure Email and SMS Communication

We offer secure messaging systems both on the website and app, but you must ensure that you do not share PHI in your messages.

⚠️ Your Action Required

Risk Analysis

While we assist with risk assessments, you must conduct regular privacy and security risk assessments. Our team can support you in this process.

⚠️ Your Action Required

Third Party Integrations

You must ensure all third-party integrations are compliant with HIPAA standards and establish data processing agreements where necessary.

⚠️ Your Action Required

General Data Protection Regulation (GDPR) Compliance

Data Protection Impact Assessment (DPIA)

Under GDPR, a Data Protection Impact Assessment (DPIA) is mandatory. As a data controller, you must conduct this assessment, detailing technologies used for handling personal data, assessing client risks, and specifying security measures for data storage.

⚠️ Your Action Required

Data Portability and “Right to be Forgotten”

We support data portability and the right to be forgotten, ensuring your patients’ data can be transferred or deleted upon request.

No Action Needed

Data Breach Notification Requirement

Under GDPR, you must inform the relevant supervisory authority within 72 hours of any data breach. We assist with the technical aspects of the notification.

⚠️ Your Action Required

Documentation of Compliance

Maintain documentation of compliance with data protection regulations. Notify us promptly of any data breaches to ensure timely and appropriate responses.

⚠️ Your Action Required

Privacy by Design and Default

We have integrated privacy by design and default principles into our platform to protect patient data. This includes implementing encryption, data minimization, access controls, and user privacy options to ensure compliance with GDPR and build trust with users.

No Action Needed

Data Protection Officer

DigitalPharmacy.io has appointed a Data Protection Officer (DPO) who handles inquiries from your clients regarding processing their personal data.

No Action Needed

Third Party Integrations

You must ensure all third-party integrations are compliant with GDPR standards and establish data processing agreements where necessary.

⚠️ Your Action Required

DISHA Compliance

Customer Health Data

We ensure that our platform supports compliance with DISHA requirements for maintaining Customer Health Data.

✅ No Action Needed

Protected Health Information (PHI) Encryption

We have implemented AES-256 encryption for data at rest to secure stored customer health data.

✅ No Action Needed

Role-Based Access Control (RBAC) Mechanisms

We have implemented RBAC mechanisms to restrict access to customer health data based on user roles and responsibilities.

✅ No Action Required

Data Privacy Policies and Transparency

You must ensure transparency and clarity in data privacy policies for your customers and stakeholders, meeting DISHA compliance standards.

⚠️ Your Action Required

Secure Protocols and APIs

We utilize secure protocols and APIs, such as HTTPS, for data transmission to ensure data security during transit.

✅ No Action Required

Access Only to Authorized Users

Only authorized users can access sensitive data. You can manage access rights for your pharmacy staff through your admin portal, ensuring they only view or edit data they are permitted to access.

⚠️ Your Action Required

TLS (Transport Layer Security) Encryption for Data in Transit

We utilize TLS encryption for data in transit to protect data during transmission between users and servers.

✅ No Action Required

Security You Can Trust

At DigitalPharmacy.io, we are committed to protecting your privacy and ensuring the highest standards of data security. Your trust in us is our top priority. We understand just how important cybersecurity is in healthcare, which is why we’ve taken a unique approach to safeguarding your data.