EazyCare AI
Trust & Safety

Your Security Is Our Priority

At EazyCare AI, we understand that health data is the most sensitive information you entrust to us. That's why we've built a multi-layered security architecture designed from the ground up to protect your privacy.

End-to-End Encryption

All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Your health information is protected with the same standards used by banks and military institutions.

Multi-Factor Authentication

We enforce MFA for all accounts, including biometric authentication, TOTP authenticator apps, and hardware security keys. Your account stays protected even if your password is compromised.

Secure Infrastructure

Our infrastructure is hosted on ISO 27001 and SOC 2 Type II certified cloud providers with redundant data centers, automated backups, and 99.99% uptime guarantees.

Access Controls

Role-based access control (RBAC) ensures only authorized personnel can access sensitive data. All access is logged, monitored, and regularly audited.

HIPAA & GDPR Compliance

We adhere to HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation) standards, ensuring your health data is handled with the highest legal protections.

Zero-Knowledge Architecture

Where technically feasible, we implement zero-knowledge principles so that even our engineering team cannot access your unencrypted health records without your explicit consent.

Continuous Monitoring

Our Security Operations Center (SOC) monitors systems 24/7/365 using AI-powered threat detection, intrusion prevention systems, and real-time anomaly detection.

Data Sovereignty

Health data is stored in regional data centers compliant with local regulations. Malaysian user data stays in Malaysia; EU data stays within the European Economic Area.

Incident Response

We maintain a comprehensive incident response plan with defined SLAs. In the unlikely event of a security breach, affected users are notified within 72 hours as required by GDPR.

Compliance & Certifications

EazyCare AI meets or exceeds industry security standards.

ISO 27001: Information Security Management
SOC 2 Type II: Service Organization Controls
HIPAA: Health Data Protection (US)
GDPR: EU Data Protection Regulation
PDPA: Personal Data Protection Act (Malaysia)
PCI DSS: Payment Card Industry Standards

Responsible Disclosure

We encourage security researchers to report vulnerabilities responsibly. If you discover a security issue, please email us at security@eazycare.ai. We commit to acknowledging reports within 48 hours and resolving critical issues within 7 days.

We do not pursue legal action against good-faith security researchers.

Security Questions?

Our security team is here to help. Reach out anytime for questions about our security practices or to report concerns.
