<img alt="" src="https://secure.smart-business-intuition.com/262289.png" style="display:none;">
Skip to content
    stock-generic-hands on laptop in cafe
    Security

    Protecting your business and customers

    At Sign In Scheduling, we’re dedicated to providing industry-leading security and compliance, including GDPR, CCPA, ISO 27001, HIPAA, DSP Toolkit, and more.

    stock-generic-professional with laptop

    Highest security levels: Our standard

    We follow the Principle of Least Privilege (PoLP). Only our Customer Support Staff have access to your account data, simply to perform their role in managing your requests. This access is logged and audited. No client data can be accessed by other members of staff. Every Sign In Scheduling employee has completed mandatory data compliance and is required to sign a Data Protection Agreement (DPA) when joining us. Data protection training is performed annually.

    stock-generic - man at laptop with phone

    Control who handles data with user permissions

    With Sign In Scheduling, you can assign different permission levels to each user so that employees can only access and change what they’re allowed to. You can also use your SSO Identity Provider (IdP) to securely authenticate the users on your account. We can use metadata from your IdP to grant permissions and access controls within Sign In Scheduling. This means that employees don’t need to remember certain passwords, and you can onboard and offboard staff members centrally. All passwords are stored encrypted and salted, and never in plain text, securing and protecting passwords stored for future authentication.

    Compliance that puts you first

    Our expert Compliance Team is always on top of the latest compliance updates and makes sure that our software supports the handling of sensitive data. Read our policies.

    Secure lock icon

    GDPR

    Sign In Scheduling complies with the EU and UK General Data Protection Regulations.

    Professional

    HIPAA

    We provide tools to safely store medical data, the PHI of patients in the US and can issue a signed Business Associate Agreement (BAA).

    Save storage

    CCPA

    Our software is fully compliant with the California Consumer Privacy Act.

    vpn_lock_FILL0_wght400_GRAD0_opsz48

    PCI DSS

    We maintain a secure payment processing environment and comply with the Payment Card Industry Data Security Standards.

    Cloud

    DSP Toolkit

    We are listed on the NHS Data Security and Protection Toolkit under code 8KL47.

    lock_clock_FILL0_wght400_GRAD0_opsz48

    IS 27001

    Sign In Scheduling has been certified by BSI to meet the International Information Security Standards and is registered under IS 705787.

    stock-generic-group of professionals

    Vulnerability scanning & penetration testing

    Sign In Scheduling is built to be secure from its foundations up and is continually tested. Our systems are subjected to automated vulnerability scanning on a weekly basis, and major items identified during these scans are acted upon immediately. Our systems also undergo manual penetration testing annually by CREST Certified penetration test experts. We’re happy to send you our Security Whitepaper and more information upon request.

    State-of-the-art hosting, third-parties & encryption

    Security and compliance are the heart of everything we do, and we only work with providers that follow the same ethos.

    AWS Hosting

    Our services are hosted in Amazon’s Secure Data Centers across multiple availability zones with warm-standbys to provide emergency backup systems. Backups are automated, isolated, and encrypted. Amazon’s data center operations have been accredited under ISO 27001, SOC 1, and SOC.

     

    Third Parties

    Sign In Scheduling uses some third parties to provide certain services such as sending emails, SMS, and voice calls, as well as synchronizing calendars. All data in transit is encrypted. We audit all data that is shared with third parties annually, and we have GDPR Compliant Data Processing Agreements in place with all of them.

     
    stock-generic-home working

    Highest level of encryption

    All data is encrypted using the industry-standard AES-256 algorithm provided by Amazon’s RDS systems. Sign In Scheduling can only be accessed over HTTPS, with automatic HTTP redirects in place. 10to8’s HTTPS certificate is RSA 2048 bits (SHA256withRSA), and supports TLS 1.2. Find out how our enterprise scheduling system will fit into your organization. Book a discovery call today.

    stock-generic-woman on bench with tablet

    Contingency planning & disaster recovery

    You can rest assured that we have Business Contingency Plans in place to restore Sign In Scheduling systems in case of catastrophic failures. Tested and audited regularly, these include Data Center failures, Database failures and Server failures. Our systems are robust and reliable; Our server uptime is 99.95%.

    Start taking bookings online

    Create a custom online booking page, benefit from automated SMS, Email & Voice reminders, and reduce appointment no-shows by up to 90%.

    placeholder