Company News

TIMIFY is now monitored by DRATA

TIMIFY
By TIMIFY
05 May, 2022

TIMIFY utilizes enterprise-grade best practices to protect our customers’ data. We’re currently in the process of pursuing our ISO 27001 Certification. We have built a thorough ISMS that includes the following:

Back

ISO 27001

TIMIFY utilizes enterprise-grade best practices to protect our customers’ data. We’re currently in the process of pursuing our ISO 27001 Certification. We have built a thorough ISMS that includes the following:

Continuous Security Control Monitoring

TIMIFY uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows TIMIFY to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.


Employee Trainings

Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.


Secure Software Development

TIMIFY utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.


Data Encryption

Data is encrypted both in-transit using TLS and at rest.


Internal Audit Program

Internal Audits are conducted annually by personnel who are independent and competent, as defined by the ISO standard. 


Vulnerability Disclosure Program

If you believe you’ve discovered issues in TIMIFY’s security, please get in touch at security-team@timify.com. Our security team promptly investigates all reported issues.


Risk Management Program

TIMIFY conducts a Risk Assessment annually that results in the creation of Risk Treatment Plans which lay the foundation for overall risk reduction and continuous improvement of the security program. 


HIPPA

TIMIFY utilizes enterprise-grade best practices to protect our customers' sensitive health information, and uses Drata to verify its security, privacy, and HIPAA compliance controls.

About HIPAA 

HIPAA is a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.

Drata’s HIPAA product provides an automated approach to ensuring that organizations can demonstrate compliance.

Continuous Security Control Monitoring

TIMIFY uses Drata’s automation platform to continuously monitor security controls across the organization. Automated alerts and evidence collection allows TIMIFY to confidently prove its commitment to protecting your sensitive health information any day of the year, while fostering a security-first mindset and culture of compliance across the organization.

Employee Trainings

Security is a company-wide endeavor. All employees complete an annual HIPAA training program and employ best practices when handling customers' private health information.

Secure Software Development

TIMIFY utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.

Data Encryption

Data is encrypted both in-transit using TLS and at rest.

Vulnerability Disclosure Program

If you believe you’ve discovered a bug in TIMIFY’s security, please get in touch at security-team@timify.com. Our security team promptly investigates all reported issues.
​​​​​​​


If you have any questions or would like to receive further information, please contact our support team via our website

TIMIFY

About the author

TIMIFY

TIMIFY is a global leader in scheduling and resource management software-as-a-service (Saas). It is known for its sophisticated, secure, and customisable enterprise-focused technology.