The hayylo customer experience platform is all about the sharing of information. We connect care providers with their customers via the cloud, so it’s important that customers’ personal information, and other data from your organisation, remains completely private and confidential. When it comes to your organisation’s data, hayylo employs strict protocols to mitigate technological, physical and human risk factors.

Technological security

  • Data is hosted on Amazon Web Services (RDS & S3)
  • Database is replicated synchronously, so we can rapidly recover data should the need arise
  • Web connections to the hayylo service are via TLS 1.2 and above
  • Databases and transaction layer are encrypted end to end using 2048-bit encryption
  • hayylo employees have restricted data access based on employee role
  • Laptops and workstations are secured via full disk encryption and centrally managed
  • machines and monitor workstations are regularly updated for malware
Customers and organisation staff must authenticate with hayylo prior to accessing the platform and app. Access is centrally controlled so that, for example, one client or family cannot access any other client or family information.

Physical security

  • Data is hosted in Australia in secure SSAE 16 audited data centres
  • Our office is secured via keycard access which is logged
  • Staff must screen lock devices when unattended, automatic screen locking occurs after 5 minutes of inactivity
Data governance

Our Data Access Policy outlines corporate security measures and employee obligations. hayylo employees sign non-disclosure agreements and are only able to access information based on their job function and role. Data is processed in Australian data centres – so data remains subject to Australian law.

In today’s technologically complex landscape, managing personal health information demands stringent security and privacy standards. That’s why at hayylo, protecting your data is our highest priority.