How is your personal clinician data protected?

Clinicians located in Europe. Your personal data is hosted in France by OVH, a Health Data Host (HDS) certified company by the Digital Health Agency (ANS) with servers located in France.

As part of our activities (e.g., to answer your requests or manage incidents), we may call on other service providers. We therefore endeavor to keep your personal data within the European Economic Area (EEA); however, it is possible that your data could be transferred to other countries. We then ensure that this transfer takes place according to the General Data Protection Regulation (GDPR), in particular:

• To a country providing an adequate level of protection, i.e., a level equivalent to that provided under the applicable European legal and regulatory provisions; or

• Within the scope of standard contractual clauses agreed with our service providers.

For more information about our data protection commitments, please see our White Paper.

Clinicians located in the United States. Your Personal Identifiable Information (PII) is hosted in the United States to comply with applicable data residency requirements. We are committed to respecting HIPAA privacy and security standards when collecting and processing your PII.

We implement appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of your personal information, in accordance with federal HIPAA regulations and applicable state privacy laws.

We also ensure that all our service providers who may access your PII enter into Business Associate Agreements (BAAs) to maintain the same level of protection for your information.