GRSCIA
Security

Security controls built for UAE healthcare compliance.

Review the technical and operational controls that support ADHICS-aligned workflows, auditability, and protected health information handling.

ENC
AES-256 Encryption
All data encrypted at rest using AES-256, the industry standard for data protection.
MFA
Multi-Factor Authentication
Secure access with TOTP-based MFA, protecting accounts from unauthorized access.
RBAC
Role-Based Access Control
Granular permissions with predefined roles ensuring least-privilege access to sensitive data.
AUD
Cryptographic Audit Trails
Every action is logged with SHA-256 hashing for tamper-proof audit trails.
RES
UAE Data Residency
All data stored in UAE-based infrastructure (me-central-1), ensuring data sovereignty compliance.
ADH
ADHICS Compliant
Built to align with Abu Dhabi Healthcare Information and Cyber Security standards.
Compliance Standards
Built to support ADHICS-aligned operations, vendor oversight, and healthcare data protection requirements.
PrivacyTermsDPASLASub-processors
Security FAQ

Questions security and procurement teams usually ask.

These answers reinforce the controls, residency model, and trust materials behind the product.

How is data protected in GRSCIA?
Data is encrypted at rest using AES-256, and access can be protected with TOTP-based multi-factor authentication.
How does GRSCIA handle access governance?
GRSCIA uses role-based access controls so teams can limit permissions by responsibility and support least-privilege access to sensitive workflows.
Is there an audit trail for platform activity?
Yes. Platform activity is logged to support traceability and audit review, including evidence-relevant operational actions.
Is the cloud deployment hosted in the UAE?
The cloud deployment is hosted on UAE-based infrastructure to support data residency and sovereignty requirements.
How can we review subprocessors and contractual terms?
Public trust pages cover subprocessors, data processing terms, service commitments, and related legal references so security and procurement teams can review vendor posture before launch.