Where is the data stored?
All form data is encrypted during transmission and at rest (AES256) and is stored on AWS servers – some of the most secure data facilities in the world.
How often are our files (e.g. submitted forms) backed up?
All of iPEGS data is stored on AWS RDS so we utilise continuous backup and point-in-time recovery - all forms are therefore constantly backed up every time a change is made.
How long are backups kept for?
We store complete backups of all changed data in a 24 hour period for 7 days.
Is it possible to restore an individual form?
Yes, we can restore an individual form's data from point-in-time recovery (in the previous 7 days). Please note there is a charge for this type of recovery.
Are the backups kept on-site (or moved off-site)?
The backups are stored in the cloud, we store no data locally so it's always off-site.
What other resilience measures do you have in place?
We utilise AWS Multi-AZ for our production databases - this uses a primary DB Instance and synchronously replicates the data to a standby instance in a different physical location.
Do the form templates comply with insurance requirements?
Our form templates are designed to save time for our customers, but it is down to each individual customer/business to ensure the forms meet the legal requirements in their location, as well as their own insurance requirements.
Are electronic signatures legally accepted?
Electronic signatures have been legal in most countries and states for many years now. Please check your local laws for confirmation of this.
Are the forms GDPR compliant?
We are Cyber Essentials and IASME GDPR Governance Standard Certified as an organisation. We have a standard data protection and privacy statement on all of our own UK form templates.
We are the data processor and you as the Customer are the data controller, therefore both parties need to follow GDPR guidance.
Are the forms HIPAA compliant?
iPEGS have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.
AWS enables covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) to use the secure AWS environment to process, maintain, and store protected health information.