Data Security and Medical Device Regulation
Aikenist.com and Global Medical Device Regulations
Data Security and Privacy at Aikenist.ai
This section explains the measures that Aikenist.com has implemented to secure healthcare data for
our customers and partners and lays out the cybersecurity protections that make our AI products are
safe for use.
Aikenist.com complies with the United States Health Insurance Portability and Accountability Act by
ensuring that any data is de-identified before it leaves a covered entity’s premises for cloud
processing. On-premise deployments may not de-identify images, provided that data processing occurs
entirely within servers that are operated and owned by the covered entity.
The EU general data protection regulation addresses questions of data security and confidentiality.
It introduces measures to limit the amount of data collected, the purposes for which data is used,
and the duration for which it is stored. Aikenist.com is GDPR-compliant with respect to healthcare
data as well as other data from users of our websites and portals.
Certified Software Development Processes
Aikenist.com is ISO 13485 certified. ISO 13485:2016 includes the protection of confidential data
well as the establishment and review of requirements for associated medical devices.
Aikenist.com is ISO 14971 compliant. ISO 14971 focuses primarily on safety, security, and risk
associated with the use of medical devices.
Aikenist.com is IEC 62304 compliant. The IEC 62304 standard also specifies life cycle
requirements for the development of medical software and software within medical devices.
Rigorous Cybersecurity Controls
Medical devices, like other computer systems, can be vulnerable to security breaches, potentially
impacting the safety and effectiveness of the device. As a medical device manufacturer, Aikenist.com
is vigilant about identifying risks and hazards associated with our products and proactively
mitigating these. Our cybersecurity team assesses vulnerabilities and threats to Aikenist.com
processing servers on a real-time basis and implements the appropriate control measures for both
cloud servers and on-premise installations.
Protected Data Communication
We have protected and encrypt data at every level, both at source and in transit.
Communication (typical transfer of DICOM files) via our API and demo portal is encrypted.
Communication with Aikenist.com software deployed on-premise servers is similarly encrypted.
Gateway servers are secured using the latest data protection technology.
License managers are used to authenticate user credentials.
Secure Cloud Servers
Aikenist.com uses cloud servers built by cloud hosting partners with the highest standards for
privacy and data security (Amazon Web Services and Azure Cloud).
Transparent User Privacy Policies
Privacy policies for users of our website, demo portal, and apps are displayed to visitors who
access these applications.
Please contact firstname.lastname@example.org for information on Aikenist.ai’s information security measures.