Security Overview


Summary

The continued security and privacy of the data stored on the ClinicalWill platform is our top priority. Our founders include an experienced psychotherapist who intimately understands the importance of client confidentiality, and a leader in the Information Technology & Security industry experienced in securing web applications to Government standards.

The security of the platform has been independently tested by CREST-accredited cybersecurity experts Marclay Associates Limited (now BlueVoyant). Customer data is stored in highly secure datacentres that are trusted by governments and businesses globally.


Secure by Design

ClinicalWill has had security and privacy baked into its design since inception. The following sections detail the application, server and operational level protections in place.


Session Timeout

When accessing the ClinicalWill platform, users’ sessions are automatically timed out after 15 minutes of inactivity. After this time, the user is required to log in again to access the application. This vastly reduces the risk of the session being hijacked by a subsequent user of the same device.


Secure Passwords

The application enforces that passwords must be at least 10 characters in length and include at least one uppercase letter, one lowercase letter, and one numeric character. Passwords are not stored in plain text in our database; instead, they are transformed using a cryptographic hash function, producing an output that cannot be reversed to retrieve the original password. To prevent two users who chose the same password from having identical, recognisable hashes, a random value (known as a salt) is added to each password before hashing. This is considered industry best practice for secure password management.
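The policy check and salted hashing described above, as an added illustration that is not ClinicalWill's own code: the length and character-class rules are the ones stated on this page, while the hash algorithm (PBKDF2-HMAC-SHA256), 16-byte salt and 600,000 iterations are assumed parameters, not values the page gives.

```python
import hashlib
import hmac
import secrets

# Policy stated on the page: at least 10 characters, with at least one
# uppercase letter, one lowercase letter and one digit.
MIN_LENGTH = 10

# Assumed parameters (not stated on the page): PBKDF2-HMAC-SHA256 with a
# 16-byte random salt and 600,000 iterations.
ITERATIONS = 600_000
SALT_BYTES = 16


def meets_policy(password: str) -> bool:
    """Return True if the password satisfies the stated complexity rules."""
    return (
        len(password) >= MIN_LENGTH
        and any(c.isupper() for c in password)
        and any(c.islower() for c in password)
        and any(c.isdigit() for c in password)
    )


def hash_password(password: str) -> str:
    """Hash with a fresh random salt; the salt is stored next to the hash.

    Because the salt differs each time, two users with the same password
    get different stored values, so one leaked hash reveals nothing about
    the other."""
    salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    algo, iters, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))
```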


Email-based Two-Factor Authentication

We encourage users to activate our email-based two-factor authentication (2FA) feature to enhance their account's security. With 2FA enabled, in addition to their password, users must enter a unique 6-digit code sent to their registered email address during the login process. When a Practitioner activates 2FA, it becomes mandatory for all associated users, including their Clinical Trustees and Next of Kin, who also have access to some aspects of the account.


Account Lockout

To further enhance the security of user accounts and prevent repeated password-guessing attempts, we have implemented a policy that limits the number of login attempts per day. Users are allowed a predefined number of incorrect login attempts within a 24-hour period. After reaching this limit, the account is temporarily locked, preventing further login attempts.
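The email 2FA code and the daily lockout described in the two sections above, as one added example that is not ClinicalWill's own code. The 6-digit code and the 24-hour window come from the page; the 10-minute code lifetime, the limit of 5 failures and the server-side HMAC key are assumptions.

```python
import hashlib
import hmac
import secrets

CODE_DIGITS = 6                 # stated on the page
WINDOW_SECONDS = 24 * 3600      # stated on the page
CODE_TTL_SECONDS = 600          # assumed: code expires after 10 minutes
MAX_FAILURES_PER_DAY = 5        # assumed: lock after 5 failed logins
SERVER_KEY = b"constructed-demo-key-not-real"  # assumed, kept server-side


def _code_tag(code: str) -> bytes:
    # Keyed hash: a leaked record cannot be brute-forced offline over the
    # one million possible codes without also holding SERVER_KEY.
    return hmac.new(SERVER_KEY, code.encode(), hashlib.sha256).digest()


def issue_code(now: float) -> tuple[str, dict]:
    """Generate the code to email; the server keeps only its keyed hash."""
    code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
    record = {"tag": _code_tag(code), "expires": now + CODE_TTL_SECONDS,
              "used": False}
    return code, record


def verify_code(submitted: str, record: dict, now: float) -> bool:
    """Accept a code once, only before expiry, comparing in constant time."""
    if record["used"] or now > record["expires"]:
        return False
    ok = hmac.compare_digest(_code_tag(submitted), record["tag"])
    if ok:
        record["used"] = True   # single use: a replayed code is rejected
    return ok


class LoginLimiter:
    """Counts failed logins per account inside a sliding 24-hour window."""

    def __init__(self) -> None:
        self.failures: dict[str, list[float]] = {}

    def record_failure(self, account: str, now: float) -> None:
        self.failures.setdefault(account, []).append(now)

    def is_locked(self, account: str, now: float) -> bool:
        recent = [t for t in self.failures.get(account, [])
                  if now - t < WINDOW_SECONDS]
        self.failures[account] = recent   # drop failures older than a day
        return len(recent) >= MAX_FAILURES_PER_DAY
```

A login handler would call `is_locked` before checking the password at all, so a locked account gives the same response regardless of what was submitted.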


Secure Hosting and Containers from Heroku and AWS

The application is managed following a Linux container methodology provided by Heroku (owned by salesforce.com) and hosted on Amazon Web Services (AWS) in Ireland, Europe. The container model ensures that applications are strongly isolated from one another for security purposes. Heroku uses operating system containerisation with additional custom hardening to ensure that access is properly restricted for all customers. For additional technical information see: Heroku Dynos.

The Amazon Web Services datacentres where the customer data resides are accredited to SAS 70 Type II, SSAE 16 and ISO 27001:2013. For more information including physical security, environmental safeguards, network, data, and system security see: AWS Security.

Members of the ClinicalWill team can only access the infrastructure with a second factor of authentication on top of a one-way salted and hashed password.


Penetration Testing and Vulnerability Management

The security of the platform has been independently tested by CREST-accredited cybersecurity experts Marclay Associates Limited (now BlueVoyant). Penetration testing of the ClinicalWill application and hosting environment has been carried out by independent testers prior to launch and ahead of major releases. Findings from each assessment are reviewed with the assessors, risk-ranked, and assigned to the responsible team for resolution.


Backups and Disaster Recovery

User data is backed up daily, and the backups can be used to recover from local disasters or unexpected circumstances affecting the availability or integrity of the primary copy. Backups are securely stored within the Amazon Web Services infrastructure across multiple locations, which is designed to offer 99.999999999% durability and 99.99% availability and can sustain the concurrent loss of data in two facilities.


Secure Connections

The ClinicalWill application is registered under the .app domain extension created by Google, which has added security built in as standard. All .app domains are required to use HTTPS, encrypting web traffic between the user’s browser and the servers hosting the application. For more information visit: Introducing .app.


Encryption at Rest

All data in our database is encrypted at rest using AES-256 encryption, an industry-standard method for ensuring data security. Backups are also encrypted and stored securely, ensuring data remains protected even in the unlikely event of physical storage compromise.


GDPR - Breach Notification

To meet our obligations under the General Data Protection Regulation (GDPR), robust breach detection, investigation, and internal reporting procedures are in place. These allow breaches to be reported to data subjects and the relevant supervisory authority within 72 hours of discovery and without undue delay.


GDPR - Data Residency

All customer and system data is stored within Amazon Web Services’ secure data centres in the EU (Ireland) region, in Dublin.