Security at CogniAxis.ai

Enterprise-grade security protecting your data and patient information

Our Commitment to Security

At CogniAxis.ai, security is foundational to everything we build. We understand the critical nature of healthcare data and the trust you place in us. Our security program is designed to protect your data through multiple layers of technical, administrative, and physical safeguards.

Compliance & Certifications

🏥

HIPAA Compliant

Full compliance with healthcare data protection standards

🔒

ISO 27001

Certified information security management

⚕️

IEC 62304

Medical device software lifecycle standards

We also maintain compliance with GDPR, India's IT Act 2000, and ABDM (Ayushman Bharat Digital Mission) standards for healthcare data management.

Security Measures

Encryption

  • Data in Transit: TLS 1.3 encryption for all network communications
  • Data at Rest: AES-256 encryption for stored data
  • End-to-End: Encrypted video streams for tele-proctoring sessions
  • Key Management: Hardware Security Modules (HSM) for key storage

Access Controls

  • Authentication: Multi-factor authentication (MFA) required
  • Authorization: Role-based access control (RBAC)
  • Session Management: Automatic timeout and secure token handling
  • Audit Logging: Complete audit trail of all access and changes

Infrastructure Security

  • Cloud Infrastructure: Tier IV data centers with redundant systems
  • Network Security: Firewalls, intrusion detection/prevention systems
  • DDoS Protection: Advanced mitigation for availability
  • Data Backup: Encrypted backups with geographic redundancy

Application Security

  • Secure Development: Security built into SDLC from design phase
  • Code Review: Automated and manual security code reviews
  • Vulnerability Scanning: Regular automated and manual penetration testing
  • Dependency Management: Continuous monitoring of third-party libraries

Data Protection Practices

Healthcare Data Handling

  • De-identification of patient data for analytics and AI training
  • Segregated data storage with strict access controls per institution
  • Data residency options for compliance with local regulations
  • Automated data lifecycle management and retention policies
  • Secure data disposal with verified deletion

Privacy by Design

  • Minimal data collection - only what's necessary for service delivery
  • Purpose limitation - data used only for stated purposes
  • Data minimization in AI model training
  • User control over personal data with export and deletion options
  • Transparency in data processing activities

Security Monitoring & Incident Response

24/7 Security Monitoring

Continuous monitoring of systems for security threats and anomalies

Incident Response Team

Dedicated security team with defined incident response procedures

Breach Notification

Timely notification to affected parties in compliance with regulations

Regular Security Audits

Quarterly internal audits and annual third-party security assessments

Employee Security

  • Background Checks: All employees undergo security screening
  • Security Training: Regular mandatory security awareness training
  • Access Control: Principle of least privilege for all staff
  • Confidentiality Agreements: Signed NDAs and security policies
  • Device Security: Encrypted devices with remote wipe capabilities

Third-Party Security

We carefully vet all third-party service providers and require:

  • Compliance with our security standards
  • Business Associate Agreements (BAAs) for HIPAA compliance
  • Regular security assessments
  • Contractual data protection obligations
  • Audit rights to verify security practices

Your Role in Security

Security Best Practices

  • Use strong, unique passwords and enable MFA
  • Never share your login credentials
  • Keep your devices and software updated
  • Be cautious of phishing attempts
  • Log out when using shared devices
  • Report suspicious activity immediately

Vulnerability Disclosure

We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue, please contact our security team immediately:

Security Email: security@cogniaxis.ai

We request that you:

  • Provide detailed information about the vulnerability
  • Allow us reasonable time to address the issue
  • Avoid accessing or modifying user data
  • Do not publicly disclose until we've resolved the issue

Contact Security Team

For security concerns or questions:

General Inquiries: contact@cogniaxis.ai

Security Issues: security@cogniaxis.ai

Phone: +91 9560925518

Address: Prestige Shantiniketan, Bengaluru, Karnataka 560066, India

Additional Information: For details about data handling practices, see our Privacy Policy and Cookie Policy.

← Back to Home