Data security and protection
Robust data security and data protection are an integral part of RAAB7’s design. Survey data is processed in line with the most stringent data protection regulations. The RAAB7 software is secure and we follow global best practice in data security to ensure data is kept safe at all times.
In addition to the overview below, you can access more detailed information about our data security systems and processes in our RAAB7 data security and protection document (pdf). This covers information including data storage, access, encryption and backup. There is also information available on how RAAB7 data is managed end-to-end on our data workflow page.
RAAB7 is hosted on the Amazon Web Services (AWS) Cloud, which is one of the most secure cloud computing environments available today. The AWS Cloud is built to satisfy the security requirements of healthcare providers, global banks and other high-sensitivity organisations.
All personal data in RAAB7 is processed and stored in line with the EU and UK's General Data Protection Regulation (GDPR). The GDPR has set the tone for data protection internationally, creating a new global standard to which many countries are aligning. This means that the way RAAB7 survey data is managed, processed and safeguarded is in compliance with the guiding principles of data protection regulations across the globe. The RAAB7 Data Sharing Agreement provides RAAB7 partners with legal assurance that data will be processed in compliance with data protection regulations. This agreement is shared with prospective RAAB partners.
ISO 27001 Certification
Peek Vision, which developed and hosts the RAAB7 software, is an ISO 27001 certified organisation. ISO 27001 is an internationally recognised security management standard that specifies security management best practices and robust security controls.
RAAB7 software undergoes annual penetration security tests, conducted by a third party specialist security testing company.
RAAB7 data workflow
RAAB7 data is securely managed end-to-end, from collection through to storage and publication where agreed. Find out more about this process.
Eye health workers examine data on a laptop. Credit: Peek Vision/Operation Eyesight.