Data Protection laws impose strict requirements

Check which compliance requirements are defined by EU/GDPR and US/HIPAA

Physical

Requirements related to your hosting environment and infrastructure.

Technical

What you need to design, implement, and document to ensure compliance.

Administrative

Documentation, policies, privacy risk assessments and legal tasks.

Check how Chino.io solves compliance tasks for you

Step 1: start building your App
Step 2: sign-up to Chino.io
Step 3: send a document via Chino.io API
Step 4: Chino.io performs authentication & authorization
Step 5: Chino.io encrypts and indexes the data for search
Step 6: Chino.io securely stores your data, keys, and indexes
Step 7: Chino.io returns the result (in milliseconds)
Step 7: get the Chino.io compliance documentation and checklists

Administrative requirements: filling the gap.

Administrative

In addition to the Chino.io documentation you still need to define your privacy policy and terms and conditions for your service.

The Chino.io team can also assist you in finding the right consultant and help within its network of lawyers and partners in all EU Member States and in the US.


Chino.io provides many more guarantees than typical clouds

In terms of legal responsibility, Chino.io gives you much more than a classical Cloud provider, since it also covers technical requirements, such as the storage and protection of your sensitive health data.

Keep in mind also that with Chino.io you can achieve application (or record) level encryption, where an attacker can't access your health data if they breach your applications.


The service that decodes security & compliance for you

Encryption

Each API call uses HTTPS/TLS to protect data transfers, while all documents at rest are encrypted using AES-256. Each user has different encryption keys, stored in different locations.

Access Control

Flexible and granular access control policies can be set up via the API to define access rights for single users or groups of users to single documents or collections of documents.

Backups

Daily incremental backups of all data. Backups are encrypted using AES-256 algorithms and transferred to a different physical location.

Audit log

Control who accesses your data, when it was accessed, and from where. Logs are legally valid and non-modifiable.

API security

We provide one physical server (or more) per customer at your service. We provide only the state of the art in terms of security and power.

Intrusion detection

Constant (24/7) security monitoring of API behavior, attacks, and any anomaly in the system. The technology was also partially developed in the C3ISP EU innovation project.

Certified even for medical grade software

Certified ISO 9001

The Chino.io ISO 9001 certification means that Chino.io has established, maintains, and constantly improves the organizational structure, responsibilities, procedures, processes, and resources to consistently satisfy ISO 9001 quality requirements. ISO 9001 is a necessary certificate for all service providers in the medical context where end products (medical devices or software) must be ISO 13485 certified. Download the certificate here.

Certified ISO 27001

ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance. Chino.io implements all controls and constantly improves its Security Management System, exceeding the requirements and keeping its services always at a state-of-the-art level in terms of security best practices. Download the certificate here.
