logo
PROVIDERS
LABS
CROs
PAYORS
PATIENTS
ABOUT US
Schedule a Demo
Contact Us
scope image
Overview

Privacy & Data Security

1
icon
HIPAA & SOC 2 Compliance
Patient Data Protection: We adhere to HIPAA’s stringent requirements, ensuring that your protected health information (PHI) remains confidential and secure.
Trusted Infrastructure: Our SOC 2 certification further validates our commitment to robust data controls, availability, and processing integrity.
2
icon
End-to-End Encryption
Secure Transfer: All genetic and personal data is encrypted in transit (TLS/SSL) and at rest (AES-256).
Restricted Access: Only authorized personnel can view or handle sensitive information, with detailed audit trails to monitor and record every access event.
3
icon
Data Ownership & Transparency
Patient Control: You always retain ownership of your genetic data. You can request its deletion or revoke sharing permissions at any time.
Clear Consent: We collect and process data only with explicit patient or provider consent, ensuring clarity on how and why your data is being used.
4
icon
Compliance with Global Standards
InterSystems IRIS for Health: Built on a proven healthcare data platform that supports interoperability and meets security benchmarks worldwide.
Ongoing Security Measures: Our security framework is regularly updated to align with evolving regulations and best practices, such as GDPR and other regional data protection laws where applicable.
Saudi PDPL-Compliant Data Residency: In accordance with the Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL, Royal Decree M/19 & M/148), all Saudi clinical-genomic datasets are processed and stored exclusively inside Ministry-licensed Tier III+ healthcare data centers within the Kingdom. Our InterSystems IRIS for Health® stack enforces AES-256 encryption at rest, TLS 1.3 in transit, role- and row-level access controls, auditable FHIR®/API endpoints, and immutable data-lineage logs. Outbound data flows are technically blocked; cross-border transfers are enabled only through PDPL-approved contractual mechanisms with explicit patient consent and SDAIA adequacy clearance.
5
icon
Third-Party Labs & Partners
Vetted & Audited: Any external labs or partners that handle your samples or data must meet our strict privacy standards and undergo routine audits.
Seamless Chain of Custody: From sample collection to final reporting, every step is tracked, minimizing risk and ensuring accountability.
Get in Touch
Peace of Mind in Every Step
Feel confident knowing that your personal and genetic information is protected at the highest standards throughout your journey with PGxAI.
Email Us: admin@pgxai.com
Schedule a Demo