Data Ownership and Security Explained

About Invent Medical Data Ownership, Security & Backup Policy.

Invent Medical supports optional 2FA for enhanced account security. Supported methods include Google Authenticator and Time-based One-Time Passwords (TOTP). Organizations are encouraged to enable 2FA for privileged users.

We follow secure password management practices including cryptographic password hashing, secure authentication processes, strict access restrictions, and session management controls. Strong customer password policies are supported.

Stored information is protected via rigorous database security mechanisms, access restrictions, segregated permissions, activity monitoring, and backup protection. Direct database access is not provided to customers.

Invent Medical uses industry-standard encryption technologies to protect customer information. Encryption protections apply to data in transit, secure communications, authentication processes, and sensitive information storage.

Network security controls include enterprise firewalls, live traffic monitoring, intrusion prevention mechanisms, access filtering, and secure communication channels to block unauthorized access attempts.

Our underlying cloud infrastructure providers maintain world-class physical security controls including strictly access-controlled facilities, continuous surveillance systems, environmental protections, and redundant physical infrastructure.

We maintain scheduled backups, infrastructure redundancy, and clear disaster recovery planning. These controls support business continuity and reduce risks associated with hardware failures or service interruptions.

The platform maintains immutable audit records of important activities, including user access events, administrative actions, security-related updates, and data export operations to support compliance and accountability.

For deep security compliance, large-scale exports of patient information are monitored and logged. Records include the user performing the export, the date and time, the specific scope of data, and relevant system activity logs.

Uploaded files and medical attachments (such as X-rays, medical images, lab reports, and clinical documents) remain securely linked with patient records and are protected using the exact same robust encryption and security frameworks.

Advanced specialty charting tools—including dental and future specialty visual charts—keep findings exportable as patient data. Rendering engines, visualization logic, and proprietary chart-generation technologies remain protected intellectual property.

Invent Medical does not store customer payment card information unless explicitly supported through approved payment integrations. All processing is securely executed directly through approved third-party payment gateways.

We maintain concrete procedures for identifying, investigating, and responding to incidents. This encompasses structured incident assessment, rapid containment, thorough investigation, corrective actions, and customer notifications where appropriate.

Invent Medical utilizes approved, enterprise cloud infrastructure providers operating securely within Bahrain and other supported jurisdictions, enforcing top-tier technical and organizational safeguards.

Customer information is strictly retained only for as long as necessary to successfully provide subscribed services, satisfy healthcare legal obligations, maintain system backups, or fulfill explicit contractual commitments.