Last updated: 1st May, 2025

Last updated: 1st May, 2025

Trust Center

Trust Center

Overview

At Dawnbreak AI, data security and privacy are core to our operations. Our website incorporates robust security measures to ensure confidentiality, integrity, and availability of data, particularly given the sensitive nature of healthcare information.

Data Protection and Compliance

We adhere strictly to applicable data protection laws, including:

  • DPDP Bill (Digital Personal Data Protection Bill, 2023, India)

  • IT Act & Rules (Information Technology Act, India)

  • HIPAA (Health Insurance Portability and Accountability Act, U.S.)

  • GDPR (General Data Protection Regulation, E.U.)

Measures Implemented:

  • Explicit user consent for data processing and storage

  • Data minimization principles ensuring collection of only necessary data

  • Secure data storage located within India

  • Restricted data access based on user roles and responsibilities

Data Encryption

  • All data in transit encrypted via HTTPS (TLS 1.2+)

  • Data at rest encrypted using AES-256 standards

Authentication and Access Control

  • Secure login mechanisms requiring strong passwords

  • Role-based access control (RBAC) to limit data access to authorized users only

  • Implementation of Multi-Factor Authentication (MFA) for internal team access

Infrastructure and Network Security

  • Hosting infrastructure on secure, reliable cloud platforms (Google Cloud, Runpod) with comprehensive built-in security features

  • Regular security assessments and audits

  • Robust firewall configurations to restrict unauthorized access

  • Intrusion detection and prevention systems in place to monitor network traffic and detect anomalies

Secure Development Practices

  • Implementation of secure coding standards to minimize vulnerabilities

  • Regular code reviews and vulnerability scanning with automated tools

  • Integration of security considerations into our continuous integration and deployment (CI/CD) pipelines

Incident Response

  • Defined incident response plan detailing steps for incident detection, containment, eradication, recovery, and post-incident review

  • Regular training and simulations to ensure readiness for potential security incidents

Privacy and Consent Management

  • Transparent privacy policies accessible to all users

  • Mechanisms for users to manage their data and consent preferences directly

Physical Security

  • Use of secure data centers provided by reputable cloud hosting partners

  • Controlled physical access to infrastructure through stringent security checks and protocols

Employee Training and Awareness

  • Regular security training sessions for all employees

  • Ongoing education to ensure all team members understand and follow best practices in data protection and security

Monitoring and Auditing

  • Continuous monitoring of application and network activities

  • Regular security audits and assessments conducted by third-party experts

Disaster Recovery and Business Continuity

  • Regular data backups with annual backup testing

  • Semi-annual testing of Business Continuity Plans (BCP)

Intellectual Property Protection

  • Secured proprietary AI models and codebase through stringent intellectual property (IP) management practices

  • Contracts with clear IP protection clauses for employees and third-party contractors

By implementing these stringent measures, Dawnbreak AI is committed to maintaining the highest standards of data security and privacy, ensuring trust and compliance for all our stakeholders.