Platform Security
Healthcare data is the most sensitive data on earth. We protect it with the highest standards available.
Zero-trust. End-to-end. Always on.
MedLync treats security not as a feature but as a foundation. Every request is authenticated, every connection is encrypted, and every data access is logged, regardless of where it originates on the network.
Our security posture is continuously validated through automated testing, third-party penetration tests, and alignment with Nigeria's NDPR and international frameworks including ISO 27001 and HIPAA.
Defence in depth, across every layer
Zero-Trust Architecture
No implicit trust anywhere in the network. Every service, user, and device must authenticate and be authorised on every request.
End-to-End Encryption
AES-256 at rest, TLS 1.3 in transit. Encryption keys are managed through hardware security modules (HSMs) with strict rotation policies.
Continuous Audit Logging
Every data access, system change, and user action is immutably logged with tamper-evident storage for compliance and forensic investigation.
Role-Based Access Control
Granular RBAC ensures clinicians, administrators, and patients see only the data they are explicitly permitted to access.
Penetration Testing
Continuous automated scanning and quarterly third-party penetration tests to find and remediate vulnerabilities before attackers do.
Incident Response
24/7 security operations centre with defined playbooks, sub-hour response SLAs, and mandatory breach notification procedures.
Standards we align with
NDPR
Full compliance with Nigeria's National Data Protection Regulation, with data minimisation, consent management, and breach notification included.
ISO 27001
Certified information security management system covering risk assessment, controls, and continuous improvement.
HIPAA
HIPAA-aligned controls for protected health information, enabling partnerships with international health organisations.
HL7 FHIR Security
Security controls embedded in our FHIR implementation: SMART on FHIR OAuth scopes, audit resources, and consent enforcement.
Need a security assessment?
Our security team can walk you through our controls, certifications, and data handling practices.