We’re aware of the concerns homecare providers like you may have in light of the recent cyber attack and outages faced across the NHS. This attack has highlighted the importance of building the right infrastructure and continuing to invest in the security of digital platforms. It’s also reinforced the critical role technology plays in the health and safety of - and in providing necessary care for - older adults.
We wanted to highlight the ways Birdie continues to prioritise the safety and security of you, your care recipients, and the Birdie platform.
What precaution has Birdie taken to minimise the likelihood and risk of platform outage and data breach?
Customer trust and data security are critical to everything we do at Birdie, and we have a number of behind-the-scenes ways in which we ensure maximum data security for our partners.
- We have a dedicated team who is responsible for ensuring that our platform is secure and available 24/7.
- We have appointed a Data Protection Officer (DPO) to oversee and advise on our data management and we follow the requirements of the CQC, ICO, GDPR and the Data Protection Act 2018.
- We have implemented Single Sign-on, 2-factor authentication and strong password policies across our platform and toolkit to ensure access to our services are protected.
- We have built in redundancy plans for our platform across different data centers. In case of an outage from one of our data centers, we will remain fully operational from other data centers.
- Our platform has been designed to operate individual product components independently, reducing the risk of dependency should a subset of our products experience any access issues.
- We have achieved Cyber Essentials Plus and and the NHS Data Security and Protection Toolkit standards.
- We regularly engage security experts, and leverage multiple tools, to review and perform detailed penetration tests on the Birdie application and infrastructure, protecting it against potential threats or errors.
Please see here for further detail on how we ensure Birdie's product is secure.
What happens if Birdie's platform has been hacked? What does it mean for the care providers and carers? What contingencies do we have in place to minimise the impact?
We have a 24/7 incident response team to react to any platform issues as soon as it occurs. In the event where our platform has become unavailable, we have designed our platform to minimise the impact to our partners.
Specifically, our mobile application will continue to operate with our platform being offline to minimise care delivery operation in case of an outage:
- All visit schedules, tasks and medication will continue to be accessible on the carer mobile app for at least 48 hours.
- The last 10 care log reports are always available offline (while logged-in).
- All visit-related features such as check-in, observations, recording of tasks and medications are available offline and will continue to work. The data will be sychronised with our server as soon as the platform has been restored online.
We have developed recovery plans with a back-up database to restore our platform as soon as possible and minimise risk of data loss in case of an outage:
- Every database is backed up at least daily in a secured back-up database. In the event of an outage, we ensure the latest information can be accessible via the back-up database.
- No programmatic access is possible from our active data centre to the back-up one. There is strict access control, allowing only a small number of employees to access to this DR account, further reducing the risk of data loss.
- We rehearse outage recovery scenarios regularly so the team stands ready to deploy the back-up database when necessary to ensure continuity of our platform availability.
We hope this provides some reassurance whether you’re already using Birdie or someone looking for a new technology partner. At Birdie, the health and well being of the care recipients supported by our platform is our top priority, and we continue to keep security central to how we build our product. We’re here to answer any questions you have during this time. Let us know how we can support you.