Swift Skin & Wound
Security and Compliance
- Swift follows industry best practices and complies with all applicable industry standards such as the Personal Information Protection and Electronic Documents Act (PIPEDA), PHIPA, the Health Insurance Portability and Accountability Act (HIPAA), SOC2, and the Medical Device Single Audit Program (MDSAP) as per FDA standards
- Swift adheres to the highest standards of information security and performs annual internal and external audits of our security posture for corporate IT systems and software applications
- Swift also conducts regular vulnerability scanning, penetration testing and static code analysis on all Skin & Wound products
- The Swift mobile application can be used online and offline with background upload. All the data is secured and encrypted between the mobile device, Swift dashboards and our cloud services
  - Data encrypted in-flight (HTTPS TLS1.2)
  - Data encrypted at-rest (AES256)
- Mobile applications cannot be run on rooted hardware devices, and data files are only stored within the secure application container and are removed once the application is uninstalled
- Swift has implemented hardened benchmark AMIs, file integrity monitoring and intrusion detection into our SIEM centralized logging platform for security, alerting and auditability.
User Account Security
- User access can be remotely administered: granted or revoked
- RBAC with support for custom roles allows for granular controls matching your company policies
- User password complexity / strength requirements configurable by policy
- User access token timeout based on app foreground and background
- Configurable PIN settings for balancing access convenience with IT security requirements
- Brute force protection with account lockout
Cloud Backup, Recovery and Maintenance
- The Swift application has a 99.9% uptime with optimized content delivery
- All of our customer data is stored securely in AWS cloud (US-East and Canada-Central) with daily RDS backups retained for a 30 day period and binary payloads uploaded to S3 supporting cloud object versioning for easy backup and restore
- All patient data modifications are immutable to support data integrity and auditability
- Swift utilizes blue/green deployments for zero downtime software updates
- Swift API middleware leverages industry standard information exchange protocols like HL7 and FHIR to transfer information in real-time bi-directionally between your systems and the Skin & Wound App, eliminating double documentation.
- Clinical staff can see the relevant patient list to optimize the experience at the bedside (via HL7 ADT)
- Clinical staff can view the discrete wound data captured in the app within the Patient Flowsheet (via HL7 ORU)
- Swift supports federated authentication via Single-Sign-On with OAuth 2.0, SAML 2.0, LDAP, ADFS, Smart on FHIR as well as multi-factor authentication options including One-Time-Password over email
Application Device Compatibility
The Swift Skin and Wound mobile application is compatible with most Apple and Android devices:
APPLE iOS MOBILE APPLICATION SPECIFICATION
- v12 or higher
- iPhone 6s/6s plus and above
- iPad Pro (2nd generation) and iPad Pro (3rd generation)
ANDROID OS MOBILE APPLICATION SPECIFICATION
- Nougat v7.0 or higher
- Samsung Galaxy S7, S9+, Note 9
*Full application specifications available upon request
The Swift Skin and Wound Dashboard is a web based solution that is accessible via web browser:
WEB DASHBOARD SPECIFICATION
- v11 or higher
- Google Chrome, Apple Safari, Mozilla Firefox, Edge
- Most stable recent version
*Full web dashboard specifications available upon request
Swift Medical, Inc. As a Health Information Network Provider (HINP)
What services does Swift provide to custodians?
Swift Medical, Inc. is a secure mobile application and cloud-based wound care solution that can be utilized by healthcare providers to take photos of wounds and monitor wound status. The solution contains wound images, personal demographics and clinical information.
How does Swift protect this information?
Swift utilizes multiple administrative and technical safeguards to protect the integrity of the data in its systems and to protect it from unauthorized use and/or disclosure.
These safeguards include:
- Data encryption, in transit and at rest
- Secure data hosting with strict security standards
- Limitations on data access based on role
- Multi-factor authentication for the system and platform
In addition, Swift holds a SOC2 Type 2 certification, indicating that Swift has been audited by an independent firm and found to have effective controls in place regarding the security, availability, processing integrity, confidentiality and privacy of customer data.