Your patients' data security is at the heart of everything we do. This article walks you through how Heidi keeps your data safe — and how to talk to your patients about it with confidence.
Part 1 – Heidi's security and compliance
Yass, Head of Legal, Compliance and Security at Heidi, explains the technical safeguards underpinning the platform. He covers end-to-end encryption in transit and at rest, access controls and audit logging, Heidi's independently verified certifications (including GDPR, ISO and SOC2), and what deletion really means on the Heidi platform.
Part 2 – Getting patient consent
Ben, Heidi's Clinical Director, shares a practical framework for obtaining patient consent before using Heidi in a consultation. He outlines four key points to cover: why you're using Heidi, how data is kept safe and de-identified, that Heidi's security processes are independently audited, and where patient data is stored — with regional servers available in every market Heidi operates in.