Security and regulatory compliance

Healthcare data privacy is our top priority. Secure infrastructure, GDPR-compliant, and purpose-built for European healthcare.

Zero Knowledge

Not even we can see your data

Maiko Hospital Information System uses a zero-knowledge architecture: your patients' clinical data is encrypted client-side before it leaves your device.

  • AES-256 at rest
  • TLS 1.3 in transit
  • Client-side encryption

Security features

Technical and organizational measures to protect your patients' data.

Zero-knowledge architecture

Clinical data is encrypted client-side before it leaves your device. Maiko never has access to your patient data — not even we can read it.

End-to-end encryption

AES-256 at rest, TLS 1.3 in transit. Encryption keys are automatically generated and stored in your environment, never on our servers.

EU cloud hosting

All data is hosted on servers located in the EU. No international data transfers.

GDPR compliance

Designed and operated in compliance with the General Data Protection Regulation (GDPR).

Data Processing Agreement (DPA)

Data Processing Agreement available to all customers as required by GDPR.

Multi-factor authentication (MFA)

Two-factor authentication to protect user access.

Single Sign-On (SSO)

Integration with corporate identity providers via SAML 2.0 and OAuth 2.0.

Role-based access control (RBAC)

Granular permissions per user, professional role, and system module.

Full audit trails

Detailed logging of all actions: access, queries, modifications, and deletions.

Automatic backups

Daily backups with 30-day retention. Guaranteed disaster recovery.

Data export

Full export mechanisms in industry-standard formats: CSV, HL7, FHIR.

GDPR

Full GDPR compliance

Maiko Hospital Information System is designed from the ground up to comply with the European Union's General Data Protection Regulation.

  • Data hosted exclusively in the EU
  • Right to erasure and data portability
  • Explicit, documented consent
  • Security breach notification
  • DPA (Data Processing Agreement) included

Standards and regulations

Compliance with international security and interoperability standards.

GDPR / RGPD

European Union General Data Protection Regulation

ISO 27001

Designed in alignment with the international information security management standard (aligned, not certified)

HL7 / FHIR

Healthcare interoperability standards

Questions about security or GDPR?

Our security team can answer your questions and share additional documentation.