Last Updated: July 15, 2026
At Nostavia Health, security is built into our infrastructure from the ground up. We understand that health data is highly sensitive, and our platform is designed to provide maximum protection for your users' information.
All data transmitted between our clients, SDKs, and our backend infrastructure is encrypted in transit using industry-standard TLS 1.3. Data at rest is encrypted using AES-256 encryption across all our databases and storage systems.
We strictly adhere to global data protection and privacy standards:
We enforce strict role-based access control (RBAC) internally. Access to production environments and customer data is restricted to authorized personnel who require it to perform their job functions. All access is logged, monitored, and regularly audited.
Our security team utilizes automated monitoring, intrusion detection systems, and regular vulnerability scanning to proactively identify and mitigate potential threats. We also conduct periodic penetration testing by independent third-party security firms.
We maintain a comprehensive Incident Response Plan to rapidly address any security events. In the unlikely event of a data breach, we commit to notifying affected partners and regulatory bodies in accordance with applicable laws.
If you have identified a potential security vulnerability in our platform, please report it to our security team immediately at contact@nostaviahealth.com. We appreciate responsible disclosure and work quickly to address issues.