Medigold Pulse – Information Security

Security standards

Medigold Health places the security of its data and that of its clients at the heart of its business processes. We hold ISO 27001: 2022 and Cyber Essential Plus accreditation. Enforced policies ensure Medigold Health employees use Single Sign-on with Multi-Factor Authentication (MFA) throughout the ICT environment.

Security by design

Medigold Health takes full ownership and responsibility for its process applications with an in-house design and development team. We use SAST & DAST to ensure security by design and use separated development, staging and live environments to protect your data from software failures.

Don’t take our word for it

We don’t rest on our laurels when it comes to data security. We undergo an annual Penetration Testing of our occupational health management applications, performed by an external CHECK & CREST certified partner.

In the January 2025 testing set, only sixteen medium vulnerabilities were detected across the complete suite of developed programs.

Security even when we sleep

Medigold Health work with a partner organisation that maintains a 24/7, 365-day Security Operations Centre. We feed them system and device logs for analysis so they can inform us of any anomalies, with an out-of-hours escalation path available for any critical incidents.

During the first two weeks of February 2025, 382,862,346 pieces of log data were analysed, resulting in 22 low-level alerts being generated (for example, an inbound email rule being set on a mailbox).

Protecting against the unknown

Medigold Health has deployed a centrally managed malware Endpoint Protection across its server and workstation estate and combined this with email filtering services for a holistic approach to threat management.

Committed to excellence

Medigold Health ensures compliance with data security and industry accreditation
https://www.medigold-health.com/our-accreditations-and-certifications/