Securing data of professional solutions is a top priority at Withings. Discover how it’s done.

Data security

Withings is committed to create a certified environment enabling health professionals to expand medical knowledge from multiple platforms following a unified and secure protocol. More and more use cases are supported in this environment.

Through the compliance to multiple standards (ISO 27001:2013, HDS and HIPAA), find out how we protect personal health data.

Certifications & Standards

To factor data privacy into our products and services, we strive for the highest standards of health data protection.

Certifications

HDS

HDS Certification

Health Data Hosting — version 1.1 final - May 2018 for activities 3 to 6 in accordance with the certification reference system provided by ASIP Santé.

Includes all systems, people and processes involved in the design, development, operations, validation and support of applications and services hosted on the Withings Medical Clouds which include the processing or disclosure of personal health data.

The certification referential includes: NF ISO/IEC 27001:2013, ISO/IEC 27018:2014, NF ISO/IEC 20000-1:2011, as well as additional requirements.

Download

ISO 27001:2013

ISO_27001

Withings provides the service of a hosting provider in accordance with the requirements of the International Organization for Standardization 27001:2013 standards.

Includes all systems, people and processes involved in the design, development, operations, validation and support of applications and services hosted on the Withings Medical Clouds which include the processing or disclosure of personal health data.

Download

Standards

GDPR

GDPR

General Data Protection Regulation — European Union 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

HIPAA

HIPAA

Health Insurance Portability and Accountability Act of 1996. Standard governing the hosting of personal health data.

Includes all systems, people and processes involved in the design, development, operations, validation and support of applications and services hosted on the Withings Medical Clouds which include the processing or disclosure of personal health data.

Download

Contracts & project safeguards

To factor data privacy into our products and services, we strive for the highest standards of health data protection.

Security Insurance Plan

Detailed in the sections below, the Withings Security Insurance Plan describes the methods, organization, and quality assurance and quality control activities specific to applications hosted by the Withings Medical Cloud in order to:

  • constitute a common reference for all collaborators to standardize working methods;
  • guarantee the quality of products and services by defining measurable criteria;
  • define the procedures to be followed, the tools to use, the standards to be respected, the methodology and the controls to be planned for each activity and referenced in the Information Security Management System (ISMS - Information Security Information System).

The production and updates of the Security Insurance Plan (SIP) as well as the monitoring of its application are the responsibility of the security or information security manager (ISM). In particular, he or she is in charge of monitoring the actions to be taken for the proper implementation of the SIP.

Subcontractors management

Withings uses one or more subcontractors to provide hosting services for the activities of providing physical hosting premises and physical infrastructure (for activities 1 to 2 in accordance with the certification reference framework provided by ASIP Santé).

Subcontractors are selected by following the subcontractor management procedure, including information security level controls in accordance with the requirements of the ISO 27001:2013 and HDS standards - version 1.1 final - May 2018.

Services & applications security

For services hosted on Withings Medical Cloud, we deliver, maintain and manage data protection in our applications and services across all stages of their lifecycle and within differing regulatory environments.

Secured development

Training on secured code

At least once a year, developers participate in secure code training covering the top 10 OWASP or equivalent security risks, common attack vectors, and Withings security controls.

Framework security controls

Withings relies on modern techniques with security controls to limit exposure to the top 10 OWASP security risks. These inherent controls reduce our exposure to SQL Injection (SQLi), Cross Site Scripting (XSS), and Cross Site Request Forgery (CSRF), among others.

Agile organization, code review and testing

All development activities are organized in AGILE method with the establishment of sprints and prioritization of tasks with the Product Manager team. All sprints are historized. Developers must perform unit tests, functional integration tests, and security tests. Code and tests are reviewed and evaluated through peer reviews before deployment.

Software Quality Assurance

The Software Quality Assurance department tests the services and applications before going into production (manual or automatic tests).

Environments separations and test data

The development and test environments are logically separated from the production environment. No personal production data is used in our development or test environments.

Vulnerabilities management

Code audit

Withings uses third party security tools to analyze all code prior to production against major security risks. Vulnerabilities that may cause security breaches are mandatorily corrected and/or planned in a continuous improvement cycle.

Automatic code testing

The code is automatically tested with predefined test scenarios to ensure that changes do not result in any loss or degradation of security. Tests are performed on virtual machines with a limited lifespan and completely separate from production.

Third-Party Penetration Testing

In addition to vulnerabilities management including analysis and testing, Withings employs third party security experts to perform penetration testing on various applications in our product range.

Authentication security

Password policy

Withings requires the use of a strong password and complies with international recommendations in terms of robustness. This policy applies to all users of the Withings MED·PRO solution.

Two-factor authentication

Withings imposes the use of two-factor authentication for all users of the Withings MED·PRO CARE solution.

Authentication data storage

Withings never displays plaintext authentication data in its applications or services.

API - partner application authentication

Withings API uses the OAuth 2.0 method to authenticate partner applications. Each application has a unique and robust client id and secret.

API - collection of individual consent and authentication.

Withings API uses the OAuth 2.0 method to collect end user consent. The connection data is then secured with expiring tokens that the client must regenerate from Withings.

Role-based access controls

The majority of Withings applications and services are subject to access controls based on roles with predefined privileges allowing controlled use and access to data.

Securing data in transit

All communications over the public network are encrypted with HTTPS/TLS industry standards (TLS 1.2 or higher).

Change management

Categorization of changes

Withings has defined change categories allowing a follow-up adapted to the typology of the change in order to keep a strong reactivity while ensuring that the implications are properly assessed.

Change procedure

Withings has defined a change management procedure depending on its category, which may include: a change request, appointment of a change committee, security risk analysis, planning, implementation of the change, or modification of the continuity or recovery plan.

Medical cloud & infrastructure protection

Because how we protect data is part of how we build value for our health partners, we call upon the best firewall, connection, encryption, and backup solutions within high-security facilities to protect Withings Medical Cloud.

Physical data center security

Physical facilities

Withings hosts its medical infrastructure on the Google Cloud Platform (GCP) in data centers in the United States. All data centers are certified ISO 27001, ISO 27017, ISO 27018, PCI DSS, SOC I/II/III.

Learn more about GCP compliance

To ensure 24/7 operation and constant availability of services, Google's data centers are equipped with redundant power systems and are subject to environmental controls. Every critical component has a main power source as well as an alternating power source of equal power.

On site security

Google's data centers are designed with a multi-layered security model that includes custom-designed electronic access cards, alarms, vehicle access control barriers, security fencing, metal detectors, and biometric technologies. Each data center is also equipped with a laser beam intrusion detection system. The data centers are monitored 24 hours a day, 7 days a week using high-resolution indoor and outdoor cameras that can detect and track intruders.

Learn more about GCP data center security

Withings hosts its medical infrastructure on the Google Cloud Platform (GCP) in data centers in the United States.

Location of data hosting

Upon request, the client may request to regionalize the processing of its data to an available location of MED·PRO services. Withings respects the client's choice and informs clients if one or more services are not regionalizable.

Networks security

Protection

Withings network is protected by the use of GCP security services (DMZ, Access Control List (ACL) firewall, anti-malware, securing data in transit via TLS, IPSec VPN...).

Architecture

Our network security architecture consists of multiple layers of security, each replicated in multiple availability zones. DMZs are used for areas exposed to the public network. Each layer is protected via firewalls.

Infrastructure Vulnerability Analysis

The analysis of infrastructure security via automated scans provides in-depth information for the rapid identification of non-compliant or potentially vulnerable systems.

Third party penetration tests

In addition to vulnerabilities management including analysis and testing, Withings employs third party security experts to perform penetration testing on its medical infrastructure.

Logistical access

Access to the production platform is limited to system administrators. All accesses are controlled and recorded in protected logs and automatically analyzed and audited by a security engineer independent of system administrators. System administrators accessing the production platform must use several personal and robust authentication factors.

Backups

Withings has implemented a backup policy for all production systems and environments, including databases, GIT directories, virtual machine disks, and document sharing servers. Backups are regularly executed and tested according to their level of criticality. Backups are then encrypted before encrypted transfer to secure storage. Only system administrators have access to backups.

Events logging

Withings has set up an event logging policy including system administration logs that cannot be disabled. Activities on all Withings systems and applications are also logged. The logs are then analyzed by automatic algorithms in order to detect any suspicious or malicious activities.

Security incidents management

A continuous alert system allows continuous monitoring of security incidents and their resolution by system administrators in the shortest possible time (between 24 hours and 96 hours). Employees are trained on security incident response processes, including the management of communication channels and escalation paths.

Encryption

Encryption of stored data

Withings uses low-level disk encryption. The encryption must have a robustness of at least AES-256 or equivalent.

Encryption of databases

Information in databases is encrypted according to its classification in the data registry.

Communication encryption

On public networks, all communications with Withings user interfaces and APIs are encrypted using the HTTPS / TLS standard (TLS 1.2 or higher). This ensures that all traffic between the client and Withings is secure in transit.

SSH connections

Withings guarantees SSH connections using only SSH v2 and industry recognized Encryption Ciphers.

VPN connection

Withings guarantees VPN connections using only industry-recognized and robust Encryption Ciphers.

Backups

All backups are encrypted, at least once, before being transmitted to a remote storage area. Where possible, they are also encrypted by the storage solution itself.

Availability plan & continuity

Information on the availability

Withings provides a publicy accessible system status web page that includes system availability details, planned maintenance, service incident history and relevant security events.


See Withings public status web page

Redundancy

The entire physical and cloud infrastructure is redundant in order to minimize the risk of downtime and data loss. In particular, the databases are configured with near-instantaneous replication to ensure that, under normal operating conditions, the complete loss of the main node receiving the writings does not result in data loss of more than a few seconds.

Recovery point objective

Withings IT backup policy ensures a daily backup of production databases. Withings therefore ensures that the recovery point objective (RPO) will not exceed one dayin the event that Withings activity is maintained.

Disaster recovery plan

Withings disaster recovery plan ensures that the production platform can be fully recreated in the event of a total malfunction of the production environment. All code, configurations, and databases are stored in secure locations and are independent of the production environment. Restoration of the complete platform is automatically regularly. Withings therefore commits to ensure that the maximum tolerable period of disruption (MTPD) is no longer than one week for the resumption of a degraded service, or even operational in the majority of disasters, in the event that Withings activity is maintained.

HR Security

The limited staff that handles data in the Withings Medical Cloud is subject to regular vetting and continuous training on how to mitigate the risks involved in processing personal data.

Employees management

Background and competency checks

Withings conducts background checks on all new employees in accordance with local laws. These checks are also performed for contractors. Background checks may include technical and general skills, previous employment, and criminal record checks if required.

Confidentiality agreement

All employees must sign non-disclosure and confidentiality agreements. This confidentiality agreement remains valid after the end of the employment contract.

Role and responsibilities definition

Withings ensures that all roles and responsibilities involved in its ISMS are well defined and assigned to and understood by individuals.

Disciplinary procedure

Withings has put in place disciplinary procedures in the event of a breach of entrusted responsibilities based on a scale of sanctions defined in the internal regulations.

Security awareness

Background and competency checks

Withings conducts background checks on all new employees in accordance with local laws. These checks are also performed for contractors. Background checks may include technical and general skills, previous employment, and criminal record checks if required.

Security policies

Withings has developed a comprehensive set of security policies covering a wide range of topics. These policies are shared and made available to all employees and subcontractors with access to Withings' information systems.

Information security awareness

All employees undergo security awareness training that is included in the hiring procedure and reviewed annually thereafter. The basic rules and good practices are also recalled on the Withings premises.

Security training

All developers are made aware of the top 10 OWASP security risks through training and best practice guides. Training sessions with external experts are also organized to ensure a deep knowledge and dissemination of the secure code. The security team also provides additional security awareness updates via email, blog posts, and presentations at internal events.

Continuous improvement

As an innovative IOT company, we make sure that we are always one step ahead of current data protection standards. This is enabled by a regular internal and external audit plan.

Internal audits

Internal audit plan

All WSIS processes are audited by internal audit teams or by external service providers.

Management review

Management reviews ensure that Management systematically reviews ISMS, assesses opportunities for improvement, and decides on the measures necessary to ensure the relevance, adequacy, and effectiveness of ISMS.

Security committee

The Security Committee also ensures the security watch carried out by the security engineer, the review of security incidents and action plans. The Security Committee also reviews the technical indicators set up to assess the effectiveness of the ISMS, and prepares the report for the Executive Committee.

External audits

Technical audits

In addition to vulnerability management including analysis and testing, Withings employs third party security experts to perform detailed penetration testing on various applications in our product line. External technical audits are integrated into Withings annual Quality Plan.

Conformity assessment audit

Withings may use independent conformity assessment audits to ensure the compliance of its ISMS with standards such as HIPAA.

Compliance certification audit

Withings has embarked on a certification process by an accredited body to ensure that its ISMS complies with international standards recognized by the industry. The proper functioning of the ISMS is therefore assessed annually by an independent trusted third party. All the certifications, as well as the audit reports, are available upon request of the client.

Conformity assessment audit

Withings provides certificates of conformity to its clients upon request as well as the audit reports of the certification body. Withings accedes to any request from its client to audit the personal data protection measures. If Withings justifies objective reasons that the audit does not guarantee sufficient conditions of independence and impartiality, Withings will have the right to refuse the audit. In all cases, the audit will only concern the respect of Withings contractual commitments in terms of protection of personal data.