Data security

We guarantee the highest medical quality in eye care – and in the handling of data.

The responsible and confidential handling of your data as well as your customers' data is a central concern for us and part of our understanding of quality. With the following measures, we guarantee the highest standard of data security for our platform and collaboration: 

  • The Ocumeda platform ensures full compliance with the European General Data Protection Regulation (GDPR) and guarantees that all data is processed solely in accordance with these guidelines. 

  • We rely on cloud partners whose systems are regularly tested and certified according to international security standards such as ISO/IEC 27001 and the German BSI C5. All data is stored in Europe. 

  • Ocumeda has a certified quality management system in accordance with ISO 13485, to consistently adhere to regulatory requirements in the development and provision of safe medical products. 

  • External experts regularly conduct penetration tests to identify and rectify potential security gaps at an early stage. 

  • All data is securely encrypted both during transmission and storage. Wherever personal information is not required, we rely on anonymization/pseudonymization. 

  • Access rights to health data are strictly limited: Only you, the diagnosing ophthalmologist, and your clients have access. Disclosure to unauthorized third parties is excluded. 

  • We act in compliance with data protection laws and independently. All operational data remains under your sole control and is not accessible to third parties. 

The responsible and confidential handling of your data as well as your customers' data is a central concern for us and part of our understanding of quality. With the following measures, we guarantee the highest standard of data security for our platform and collaboration: 

  • The Ocumeda platform ensures full compliance with the European General Data Protection Regulation (GDPR) and guarantees that all data is processed exclusively in accordance with these guidelines. 

  • We rely on cloud partners whose systems are regularly tested and certified according to international security standards such as ISO/IEC 27001 and the German BSI C5. All data is stored in Europe. 

  • Ocumeda has a certified quality management system according to ISO 13485, to consistently meet regulatory requirements in the development and provision of safe medical products. 

  • External experts regularly conduct penetration tests to identify and rectify potential security gaps early on. 

  • All data is securely encrypted both during transmission and when stored. Wherever personal information is not required, we rely on anonymization/pseudonymization. 

  • Access rights to health data are strictly limited: Only you, the examining ophthalmologist, and your clients have access. Sharing with unauthorized third parties is excluded. 

  • We act in compliance with data protection regulations and independently. All operational data remains under your sole control and is not visible to third parties. 

The responsible and confidential handling of your data as well as the data of your customers is a central concern for us and part of our understanding of quality. With the following measures, we guarantee the highest standard of data security for our platform and collaboration: 

  • The Ocumeda platform ensures complete compliance with the European General Data Protection Regulation (GDPR) and ensures that all data is processed exclusively in accordance with these guidelines. 

  • We rely on cloud partners whose systems are regularly tested and certified according to international security standards such as ISO/IEC 27001 and the German BSI C5. All data is stored in Europe. 

  • Ocumeda has a certified quality management system according to ISO 13485, for the consistent adherence to regulatory requirements in the development and provision of safe medical products. 

  • External experts regularly conduct penetration tests to identify and fix potential security gaps at an early stage. 

  • All data is securely encrypted both during transmission and at rest. Wherever personal information is not required, we rely on anonymization/pseudonymization. 

  • Access rights to health data are strictly limited: Only you, the examining ophthalmologist, and your customers have access. Disclosure to unauthorized third parties is excluded. 

  • We act in compliance with data protection laws and independently. All operational data remains under your sole control and is not accessible to third parties. 

;