Data Protection Notice
The SireeNova platform handles sensitive medical and donor information. This notice summarizes the safeguards in place.
Sensitive donor data handling
Donor identifiers, clinical history, and screening results are treated as sensitive medical data and processed only for clinical and operational purposes.
Restricted medical access
Database-level row-level security ensures that medical records are visible only to authorized staff of the hospital that owns the record.
Encryption
All data is encrypted in transit using TLS and at rest using industry-standard cloud encryption.
Audit logging
Access to sensitive records and privileged actions are logged with actor, timestamp, and action for monitoring and review.
Role-based permissions
Permissions are granted strictly by role. Users see only the data needed for their function.
Multi-factor authentication
MFA is required for all accounts. Step-up verification is required for high-risk actions such as viewing blacklisted donor records.
Incident reporting
Suspected security incidents should be reported immediately to your hospital administrator and the platform contact.