HIPAA and LGPD Compliance

Ninsaúde adheres to all HIPAA requirements in terms of functionality and technological infrastructure.

We recommend HIPAA as a complementary framework for implementing protection laws.

Geographical location

Geographical location

Ninsaúde uses over 30 data centers spread across South America, North America, Europe, Asia, and the Pacific, and with this distribution, we mitigate distributed attacks.

End-to-end security

End-to-end security

We work with end-to-end security and Grade A encryption that protects data in transit from major internet vulnerabilities.

High availability

High availability

We use high-availability (HA) technology to keep services operational even in the presence of hardware, software, and power failures.

Encrypted data

Encrypted data

We use AES-256 encryption with symmetric keys that are also encrypted with a master key stored in a keystore. Furthermore, the master key is regularly changed.

Compliance and certifications

Our infrastructure is certified compliant with various standards and controls, and it undergoes independent third-party audits to test data protection, privacy, and security.

Compliance and certifications Conformidade e certificações

Frequently asked questions

Does the Ninsaúde Toro platform have encryption at rest?
Yes. All data is automatically encrypted before being written to disk. Each encryption key is encrypted with a set of master keys.
Does the Ninsaúde Toro platform have encryption in transit?
Yes. Data in transit is encrypted with a 2048-bit SSL certificate that changes its keys every three months.
Do the data centers have access control?
The data centers are equipped with customized electronic access cards, alarms, vehicle access control barriers, perimeter isolation, metal detectors, biometrics, laser intrusion detection system, and armed security.
How to maintain a backup policy in my healthcare franchise, clinic, or office?
The Ninsaúde Toro platform has an automated daily backup routine.
How to prevent information leaks by former employees in my clinic?
You should control the user lifecycle, authentication, access permissions, and monitor access. The Ninsaúde Toro platform controls the user lifecycle, limits authentication lifetimes to 15 minutes, configures access permissions for any screen, report, and information, and monitors access by user, date, time, city, geographic location (latitude and longitude), and IP address.
Can my clinic be a victim of a Ransomware attack?
The Ninsaúde Toro platform uses protection against Ransomware attacks. However, if you use another platform to store patient information, then yes, you can be vulnerable. Ransomware is a type of malicious code that makes data inaccessible on a computer and demands a ransom payment to restore access. A company is hit by Ransomware every 40 seconds, and the average ransom amount is one thousand dollars.
Are my patients' information secure on my clinic's Wi-Fi network?
The Ninsaúde Toro platform uses end-to-end protection and changes the security keys used in endpoint authentication every three months. However, it becomes computationally infeasible to discover the security keys.

Technical support

Talk to a sales consultant

Talk to a sales consultant

Send an email to a consultant

Send an email to a consultant

×