How we focus on compliance, security, and privacy to provide a safe experience that complies with international regulations. We commit to providing accurate heart health assessments within a secure environment where personal data is safely protected.
Compliance
As a digital health company, we understand the importance of regulatory approvals and clearances for medical devices. We make continuous efforts to hold our software to the highest standards of international regulatory compliance to guarantee the safety, security and efficacy of our services. In order to safeguard the well-being of our users and maintain the trust of healthcare providers, we have a number of product approvals and clearances from different regions all over the world, as well as international quality certificates.
Product approvals and clearances
FibriCheck is indicated for self-testing by users who have been diagnosed with, or are susceptible to developing, atrial fibrillation and who would like to monitor and record their heart rhythms on an intermittent basis. FibriCheck is a Class IIa medical device and has obtained multiple device approvals.
Therapeutic Goods Act (TGA)
Medical Device Directive (MDD)
Saudi Food and Drug Administration (SFDA)
Health Sciences Authority (HSA)
Swissmedic
Ministry of Health and Prevention (MOHAP)
Medicines and Healthcare products Regulatory Agency (MHRA)
Food and Drug Administration (FDA)
International quality certificates
Our Information Security Management System complies with the standards defined in ISO 27001:2022, ensuring risk management, cyber-resilience and operational excellence.
We have implemented a Medical Devices Quality Management System in line with the requirements of ISO 13485:2016, which demonstrates our ability to provide a medical device and related services that meet customer needs and applicable regulatory requirements.
Security
FibriCheck is committed to providing a secure environment in which the safety of our systems and data is prioritized. To that end, we uphold high standards for data protection and software security, verified through various certifications. We also recognize the valuable role that security researchers and our user community play in keeping our technology secure. Responsible reporting of any discovered vulnerabilities in our products or services is encouraged.
Should you have any security concerns, please reach out to us at incidents@fibricheck.com. We are dedicated to responding to your message within 72 hours with additional information on how to share your findings securely with us, and commit to resolving the issue promptly and effectively. We ask that you do not publicly disclose the issue until it has been addressed and a mutual disclosure time has been agreed upon.
FibriCheck has completed the Cyber Essentials self-assessment developed by the National Cyber Security Centre, which is supported by the UK Government. By receiving this certificate, we demonstrate our compliance with the set requirements to limit the risk of common online threats.
FibriCheck has completed the Data Security and Protection Toolkit self-assessment developed by the NHS, ensuring good data security and the correct treatment of personal information.
The Digital Technology Assessment Criteria is an assessment developed by the NHS that is required to commission FibriCheck across the NHS and social care services. With this certification we demonstrate compliance with different criteria such as clinical safety, data protection, technical security, interoperability, plus usability and accessibility.
We comply with Health Insurance Portability and Accountability Act regulations to ensure the protection of health information. This includes the implementation of various administrative, technical, and physical safeguards to protect user information.
Our Information Security Management System complies with the standards defined in ISO 27001:2022, ensuring risk management, cyber-resilience and operational excellence.
Privacy
At FibriCheck, we commit to offering the highest standards in privacy protection. The way we collect, use, store and process personal information is regulated according to the GDPR standards. In our privacy policy, you can find more information about the way we handle and protect personal data.
We comply with Health Insurance Portability and Accountability Act regulations to ensure the protection of health information. This includes the implementation of various administrative, technical, and physical safeguards to protect user information.
We comply with all data protection principles as stated in the GDPR and can demonstrate compliance accordingly.