Hexai Logo
Hexai

Security at Hexai.care

Last Updated: 16 June 2025

Our Commitment to Security

At Hexai Care Limited, we understand that security is paramount, especially when handling sensitive healthcare information. We are committed to implementing and maintaining robust security measures to protect your data and ensure the integrity of our platform.

Security Infrastructure

Our security infrastructure is designed with multiple layers of protection:

  • Encryption: We use industry-standard encryption protocols (TLS/SSL) to secure data in transit. All data stored in our databases is encrypted at rest using AES-256 encryption.
  • Secure Data Centers: Our infrastructure is hosted in secure data centers that maintain SOC 2 compliance and implement physical security measures including 24/7 monitoring, biometric access controls, and redundant power systems.
  • Network Security: We employ firewalls, intrusion detection systems, and regular network scans to identify and address potential vulnerabilities.
  • Regular Backups: We perform regular backups of all data to ensure business continuity and disaster recovery capabilities.

Application Security

Our application is built with security as a core principle:

  • Secure Development Practices: We follow secure coding practices and conduct regular code reviews to identify and remediate potential security issues.
  • Authentication: We implement strong authentication mechanisms, including multi-factor authentication options, to ensure only authorized users can access sensitive information.
  • Authorization: Our platform enforces strict access controls to ensure users can only access the data they are authorized to view or modify.
  • Session Management: We implement secure session handling with automatic timeouts and secure cookie policies.

Compliance and Certifications

We are committed to meeting industry standards and regulatory requirements:

  • HIPAA Compliance: We are actively working toward full HIPAA compliance to protect patient health information in accordance with US healthcare regulations.
  • GDPR Compliance: Our platform is designed to meet the requirements of the General Data Protection Regulation for users in the European Economic Area.
  • SOC 2 Certification: We are in the process of obtaining SOC 2 certification to demonstrate our commitment to security, availability, and confidentiality.

Security Monitoring and Incident Response

We maintain vigilant monitoring of our systems:

  • 24/7 Monitoring: Our systems are continuously monitored for suspicious activities and potential security threats.
  • Incident Response Plan: We have a comprehensive incident response plan in place to quickly address any security incidents that may arise.
  • Regular Testing: We conduct regular vulnerability assessments and penetration testing to identify and address potential security weaknesses.

Employee Security

Our security measures extend to our team:

  • Background Checks: We conduct background checks on all employees who have access to sensitive systems or data.
  • Security Training: All employees receive regular security awareness training to ensure they understand and follow best practices for data protection.
  • Access Controls: We implement the principle of least privilege, ensuring employees only have access to the systems and data necessary for their roles.

Reporting Security Concerns

If you discover a potential security vulnerability or have concerns about the security of our platform, please contact us immediately at security@hexai.care. We take all security reports seriously and will investigate promptly.

Continuous Improvement

Security is not a one-time effort but a continuous process. We regularly review and update our security measures to address emerging threats and incorporate new best practices. Our commitment to security is ongoing and evolving.

Contact Information

For more information about our security practices, please contact us at:

Hexai Care Limited
Unit 82a James Carter Road
Mildenhall, Bury St. Edmunds
England, IP28 7DE
Email: hexaicare@gmail.com