Your Data, Protected with Care and Precision

Hapya prioritizes your data security and privacy to ensure compliance and build trust with every user

Why Your Data Matters ?

Handling sensitive healthcare data comes with a responsibility to ensure its protection. Hapya implements top-tier security measures to safeguard patient information, adhere to NDIA regulations, and maintain user trust

Prevent unauthorized access to sensitive data

Ensure regulatory compliance (HIPAA, GDPR, MFA).

Built on trusted and robust security practices.

Our Data Privacy and Security Policies

Hapya was build to be both compliant and feature rich with security settings and customisation that protects your data

Hapya collects different types of information in connection with the services we provide, including:

Personal Information: If you register an account with us, we collect personal information, including but not limited to your name, email address, billing information, and contact details.

Usage Data: We may collect information about how you interact with Hapya, such as features you use, time spent on the platform, and other usage data.

Automated Data: We may collect technical information such as IP address, browser type, operating system, and device information automatically when you use Hapya.

Reports and Analytics: As part of our reporting functionality, we may collect data generated by your interactions within the AI reporting tools, such as performance metrics, trends, and insights based on the data provided.

2. How We Use Your Information We use the information we collect in the following ways:
• To provide, operate, and maintain the services of Hapya.
• To improve, personalize, and expand the features and functionality of Hapya.
• To communicate with you, including customer service, account management, and notifications about updates to our services.
• To analyze user behavior and usage trends to improve the performance and quality of our platform.
• To comply with legal obligations, resolve disputes, and enforce our agreements.

3. Data Security
 We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access control, and secure data storage practices.

However, please note that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee the absolute security of your information.

4. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information to third parties. However, we may share your data in the following cases:

• With Service Providers: We may share your information with third-party service providers who help us provide and improve the services (e.g., hosting, payment processing, email communications). These providers are obligated to handle your data in accordance with our instructions and applicable law.
• With Legal Authorities: We may disclose your personal information if required by law or when we believe in good faith that such action is necessary to comply with a legal obligation, protect the rights or safety of others, or defend against legal claims.
• Business Transfers: If Hapya undergoes a merger, acquisition, or sale of all or a portion of its assets, your personal data may be transferred to the new owner as part of the transaction.

5. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy or as required by law, whichever is longer. If you wish to delete your account or request that we no longer use your data, please contact us at [support@hapya.com].

6. Your Rights and Choices
Depending on your location and applicable law, you may have the following rights regarding your personal data:
• Access and Update: You can access and update your personal information through your account settings or by contacting us directly.
• Deletion: You may request the deletion of your personal data, subject to legal and contractual restrictions.
• Opt-Out: You may opt out of marketing communications at any time by following the unsubscribe instructions in the emails we send you or by contacting us directly.
• Data Portability: In some jurisdictions, you may have the right to receive a copy of your personal data in a structured, commonly used format.

To exercise any of these rights, please contact us at support@hapya.com.au.

7. International Data Transfers
Hapya operates globally, and your personal data may be transferred to, and stored in, countries outside your country of residence. By using Hapya, you consent to the transfer of your personal data to these countries, which may have different data protection laws than your country.

8. Children’s Privacy
Hapya is not intended for children under the age of 13. We do not knowingly collect personal information from children. If we learn that we have collected personal data from a child under 13, we will take steps to delete such data.

9. Changes to This Privacy Policy We may update this Data Privacy Policy from time to time. If we make significant changes, we will notify you by email or through a notice on our website. Please review this policy periodically for any updates.

10. Contact Us If you have any questions, concerns, or requests regarding this Data Privacy Policy, please contact us at:
Email: support@hapya.com.au

At Hapya, we are committed to ensuring the security of your account and protecting your sensitive data. We implement robust User Access Controls, including Single Sign-On (SSO) and Two-Factor Authentication (2FA), to provide you with both convenience and enhanced security when accessing our platform.

1. Single Sign-On (SSO) We offer Single Sign-On (SSO) integration to simplify and secure your login process. SSO allows you to access Hapya using your existing credentials from trusted identity providers, such as Google, Microsoft, or other enterprise solutions. This eliminates the need to remember multiple passwords while maintaining a secure and seamless user experience.
By using SSO, we ensure that access to Hapya is tightly controlled by the identity provider’s authentication mechanisms, which can include their own security features like MFA (Multi-Factor Authentication).

2. Two-Factor Authentication (2FA) We highly encourage users to enable Two-Factor Authentication (2FA) to add an extra layer of security to their accounts. When enabled, 2FA requires users to verify their identity using two separate factors:

• Something you know: Your account password.
• Something you have: A time-sensitive code sent to your registered mobile device or email, or generated via an authentication app (such as Google Authenticator or Authy).

This extra step helps protect your account from unauthorized access, even if your password is compromised. 2FA is optional but strongly recommended for all users to help safeguard sensitive data.

3. Access Control and Role-Based Permissions Hapya offers role-based access control (RBAC), allowing administrators to manage user roles and permissions. This ensures that only authorized personnel have access to specific reports and functionalities within the platform, based on their role within your organization. By defining roles and permissions, you can control which users can view, edit, or manage sensitive data and reports.

4. Secure Account Recovery In the event that you forget your password or need to recover your account, we provide a secure account recovery process. This process includes identity verification steps to ensure that only the rightful account holder can regain access to their account.

5. Ongoing Security Monitoring and Alerts We monitor user account activity to detect and prevent any unauthorized access attempts.

6. Compliance with Security Standards Our access control mechanisms, including SSO and 2FA, are designed to meet industry security standards and comply with relevant data protection regulations, such as the General Data Protection Regulation (GDPR) and other applicable data security laws.
By using Hapya, you benefit from a secure and user-friendly environment that prioritizes your account’s integrity and confidentiality. We recommend that all users enable 2FA and consider using SSO for added security and ease of access.
For more information on setting up SSO or 2FA with your account, or if you need assistance with any other security-related concerns, please contact us at support@hapya.com.au.

Compliance That Sets Us Apart

Hapya is designed to meet the strictest global security standards, ensuring full compliance and peace of mind for healthcare professionals.

HIPAA

MFA

GDPR

End-to-end encryption protects your data at every stage.

Spend less time on paperwork and more time helping patients with our AI-driven efficiency."

Multi-factor authentication adds an extra layer of security
Simplify your workflow with an intuitive platform designed for healthcare professionals.

Real-time monitoring prevents unauthorized access
Simplify your workflow with an intuitive platform designed for healthcare professionals.