MedBuddy is designed with medical-grade security, ensuring that your personal and health information remains private and fully under your control. We follow strict security frameworks used by global healthcare systems.
1. Medical-Grade Encryption
All your data — reports, documents, and identity details — is protected using AES-256 encryption, the gold standard for data protection.
- In Transit: Data is encrypted using TLS 1.3 during upload and download.
- At Rest: Files are encrypted while stored on our secure servers.
- Key Management: Encryption keys are rotated regularly and managed in isolated hardware modules.
2. Secure Identity Verification
We use Aadhaar only for identity verification, not for storage. To minimize risk:
- We store only the last 4 digits for identity reference.
- Full Aadhaar numbers are never stored in our database.
- Access is protected by OTP-based multi-layer authentication.
3. Zero Selling & Privacy Policy
MedBuddy follows a strict "No Sell, No Share, No Leak" policy. We do not share your health information with advertisers or any third parties without your explicit consent.
4. Compliance & Infrastructure
Your data never leaves the country. It is stored in ISO 27001-certified data centers within India, complying with:
- Digital Personal Data Protection (DPDP) Act, 2023
- HIPAA-compliant data architecture
- CERT-In cybersecurity standards
5. Physical Security
Even if your physical MedBuddy Card is lost or stolen, your data cannot be accessed without biometrics or Aadhaar-linked OTP verification.
