Top Data Security Concerns
At MākuSafe, we engage daily with companies of all sizes, from multinational enterprises to some of the world’s most recognizable and significant brands. These organizations rely on us to provide innovative, data-driven solutions that enhance workplace safety while maintaining the highest standards of data security. Our close collaboration with these industry leaders has given us deep insights into their unique security concerns, compliance requirements, and expectations.
MākuSafe’s Approach to Common Data Security Questions:
We’ve built our wearable technology and safety data analytics platform with these considerations at the forefront, ensuring that our solutions not only meet but exceed the stringent security and privacy standards of our clients. By prioritizing transparency, robust encryption, and privacy-by-design principles, MākuSafe delivers actionable insights without compromising the trust or confidentiality of workers and organizations. Below, we’ve outlined the most common data security questions we encounter and how MākuSafe addresses each one to deliver peace of mind to our clients.
Does the wearable device collect personal or biometric data?
The MākuSafe Approach: No, the MākuSafe AllyTM devices do not collect personal or biometric data. They gather data about environmental exposures and experiences, such as heat index readings or sound levels. Workers’ identities are not stored on the device, and the wearable is solely focused on measuring workplace conditions, not personal health metrics.
How is data linked to individual workers without storing personal data?
The MākuSafe Approach: Workers use credentials to check out a device from the base station at the start of their shift. The sensor data collected by the device is then associated with the worker who checked out that specific device, but this association is managed securely within the MākuSmart cloud platform. Identity information is never stored on the wearable device or the base station. MākuSafe ensures end-to-end delivery of only secured and authorized data.
How is data secured as it moves between the wearable device, base station, and cloud platform?
The MākuSafe Approach: Sensor data is encrypted and transmitted securely at every step. It is moved from the wearable device to the base station in a proprietary binary format and from the base station to the MākuSafe cloud platform (“MākuSmart”) using secure, encrypted connections. MākuSafe’s commitment to data privacy and protection ensures only authorized data is transmitted.
What safeguards exist to ensure data isn’t stored permanently on the wearable device or base station?
The MākuSafe Approach: The wearable device does not have a removable or accessible storage medium. Data is transmitted in real-time to the base station or temporarily stored until connectivity is restored. The same principle applies to the base station: data is not retained once it has been successfully transmitted to the cloud.
What prevents unauthorized access to the wearable device, base station, or web app?
The MākuSafe Approach: Only authorized workers can check out a device. Identity information is not stored on the wearable device or the base station. The base station requires an authorized API key to connect to the cloud. Access to the MākuSafe web app requires proper credentials, a secure web connection, and adheres to strict permissions based on well-defined access roles and hierarchies. Web app users cannot gain access to other customers’ data.
How does MākuSafe ensure the security of its software and hardware?
The MākuSafe Approach: Security is built into every software and hardware update. MākuSafe continuously enhances its systems to address emerging threats and ensure compliance with data protection standards. The cloud platform, hosted by SOC-1/2/3 and ISO/IEC 27001 certified providers, ensures data integrity and protection.
Can workers or others access raw data from the wearable devices or the web app?
The MākuSafe Approach: No, the wearable devices have no accessible or removable storage medium, and raw data cannot be accessed directly from them. All data is encrypted and securely transmitted to the cloud platform. The MākuSafe web app collects no personally identifiable information (PII) or HIPAA-protected data beyond first and last name. Email addresses and phone numbers may be stored solely to enable web access and support MākuSmart text notifications.
What happens to data if the wearable or base station temporarily loses connectivity?
The MākuSafe Approach: If connectivity is lost, data is stored temporarily on the device or base station. Once connectivity is restored, the data is securely transmitted to the cloud platform and permanently removed from the wearable or base station. MākuSafe ensures end-to-end secure delivery of this data once connectivity resumes.
How does MākuSafe address privacy concerns from workers?
The MākuSafe Approach: MākuSafe prioritizes worker privacy by ensuring no personal or biometric data is collected. The wearable devices gather environmental and exposure data only, and this data is encrypted and securely managed. Workers’ identities are protected throughout the data flow process, with no identity information stored on devices or base stations. MākuSafe is committed to treating customer data with the highest standards of privacy and protection.
What measures are in place to control access to the data on MākuSmart?
The MākuSafe Approach: Access to MākuSmart is strictly controlled through proper credentials, role-based permissions, and secure web connections. MākuSafe enforces strict permissions based on well-defined access roles and hierarchies, ensuring users cannot access other customers’ data. The platform collects no sensitive PII or HIPAA data beyond first and last names, with email addresses and phone numbers used only for access and notification purposes.
You may also be interested to read MākuSafe’s Approach to the Top 10 Privacy Questions About Workplace Wearable Technologies