Today, data security within organizations is a major concern, particularly in the healthcare sector, as such data is considered sensitive. As a result, it is subject to specific legal protections (such as the European General Data Protection Regulation, data protection laws, and public health regulations) in order to ensure the protection of individuals’ privacy.
The introduction of the GDPR in Europe has further highlighted the need to strengthen data security and protection through the creation of the role of Data Protection Officer (DPO).
As a healthcare software publisher, Kheops has therefore implemented numerous protocols to enhance data security, notably through the appointment of a DPO within the company since early 2018.
Our verification protocol
Indeed, Kheops has implemented a wide range of protocols and measures for each of its employees in order to minimize risks as much as possible.
On a regular basis, a checklist must be completed by all staff to ensure that security processes are still fully respected, including:
- Regular password renewal across all tools that may contain sensitive data
- Verification of system updates
- Avoiding the storage of data on user workstations
- Never sharing login credentials
- Using separate channels to communicate credentials
- Not saving passwords in web browsers
- And many other measures
More recently, access to all workstations has been secured using security keys. Logging into a computer is no longer possible without this key, and a PIN code is required at login, making the device unusable without it.
All hard drives are also encrypted, making unauthorized access to their contents extremely difficult. In addition, in the event of an IT failure, the administrator account remains recoverable.
Highly secure password management through MFA.
Le “Multiple Factor Authentification” (MFA) est un système de sécurité qui fait appel à plusieurs méthodes d’authentification, à partir de différentes catégories d’informations, pour vérifier l’identité de l’utilisateur qui souhaite se connecter ou effectuer une transaction.
At Kheops, this method is implemented for access to numerous tools (email, password managers, etc.), for all banking transactions, as well as for VPN connections.
This process provides immediate protection for data and IT resources against identity theft, account compromise, and phishing attacks.
At Kheops, we place a strong emphasis on data security. Each month, our Security Committee meets to ensure that all security requirements are fully respected by our employees.
