Twilio

Nature & Purpose

Healthtech 1 enables users to send SMS messages to patients. We use third party gateways for the delivery of those SMS messages. They provide APIs that the Healthtech 1 server uses to send these messages. We don’t deliberately store data in this location but through processing of data and sending text messages, Twilio keep logs for 30 days.

Encryption at rest

Yes ✅AES-256

Encryption in transit

Yes ✅TLS 1.2

GDPR Compliant

YesData Processing Addendum

Geographical Location

US 🇺🇸

Person / team who can view data

We do not provide such granular detail on the information requested for security reasons. You can learn more about Twilio's GDPR compliance at https://www.twilio.com/gdp r, or view our Data Protection Addendum, https://www.twilio.com/legal/data-protection-addendum , or Privacy Notice https://www.twilio.com/legal/privacy#when-and-why-we-share-your-personal-information-or-your-end-users-personal-information for additional information.

Security accreditations

ISO/IEC 27001, ISO/IEC 27017 & 27018, SOC 2 Type 2, PCI DSS Level 1 and PCI DSS Level 4.

Stores personal data

Stores special category data

Data Protection Addendum

Last Updated: April 4, 2022 This Data Protection Addendum ("") forms part of the agreement between Customer and Twilio covering Customer's use of the Services (as defined below) (""). I. Introduction 1. Definitions. "Applicable Data Protection Law " refers to all laws and regulations applicable to Twilio's processing of personal data under the Agreement.

www.twilio.com

Data Protection

https://support.twilio.com/hc/en-us/articles/360051805394-Measures-Twilio-Takes-to-Safeguard-the-Privacy-of-Customer-Personal-Data

Risk Assessment:

We’ve gone for marketing leading 3rd party processors that have strong security controls, with each, we have a Data Protection Addendum to bring them up to GDPR equivalency.