oDoc Logo oDoc Logo

Security

We take data security extremely seriously.
We follow the National eHealth Guidelines and Standards issued by the Ministry of Health of Sri Lanka on patient data security. When you give us your data, you trust us to keep it secure. Any personal or sensitive information we hold about you is protected by strong encryption and held in secure data centers.

Storing your data
We store all of your personal health data on secure servers. Health data includes your medical information (such as symptoms and treatment). Your data may be processed or stored via destinations outside Sri Lanka, but always on servers compliant with HIPAA data protection standards.

Protecting your data
We encrypt all data transmitted to and from the app and specifically designed security features to best prevent unauthorised access. Payments are processed via a third party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards.

Securing your data
We regularly test our servers with regard to security controls and we work with industry-leading hosting partners to ensure our infrastructure is protected. Within the app, access to clinical records requires two step authentication to ensure data is accessed securely and appropriately.

To keep your data protected, please:
Make sure you have a strong password
Change your password frequently
Keep your password safe