Data in the form of name, email address and exercise programmes from our website are stored in "Servers" based in London, UK. A server is the main `'brain" of any website and security of our servers is a priority for MyPhysioRehab. We want to keep your data safe and secure and as a result we have several measures in place to ensure you will not have anything to worry about. Here is a list of common security questions and answers to put your mind at ease:
1) How are the servers are protected physically and digitally? As part of the layered security structure, the servers are located within a locked rack, in a locked date hall and behind a locked gate. There is 24/7 security on site and biometric controls amongst others limiting access into sensitive areas.
2) What physical protections do you have in place? eg personal security at premise, restricted access etc? We have a number of control measures in place, forming a layered security structure. A broad overview of the Datacenter is available for reference on request.
3) What independent audit/ certification processes do you have in place? We are independently audited by Lloyds Register Quality Assurance (LRQA) over 6 months and we are subjected to numerous 2nd and 3rd party customer & client audits throughout a normal year. We have a current Information Security Management Standard certificate (ISO/IEC 27001:2013)
4) How do you keep my login details secure? We do not send passwords via email, nor store any passwords on our site. Users set their own passwords that are encrypted at the time of account creation. Only the user has access to their password.
5) Do you perform regular back ups? Our Data is backed up Daily and often several times a day. In the unlikely event that our servers were destroyed by gremlins we have a back up and can be up and running again without the loss of any of your data