Security at Firstmed consulting
At Firstmed, we take the issue of online security very seriously. Below is information about some of the measures we take to ensure that your experience with us is as safe as possible. We've also provided, at the bottom of this page, some answers to questions that some of our patients have asked us.
We are registered in compliance with the Data Protection Act, Registration No. niq942.
We utilise a secure server encryption method to securely transfer all credit or debit card details and customer information. This is provided by GeoTrust. We have had no reports of any customers using a credit card to purchase at Firstmed and subsequent acts of fraud being committed having used details illegally obtained via our site.
We use a secure server which encrypts your credit card information during transmission from the webpages to our database. A secure server webpage is different to a normal webpage. You will know you are on a secure webpage because the padlock (on explorer at the bottom and on navigator on the top toolbar) will be highlighted and closed. The web address will also change to indicate a secure server, so that it now starts with https://. When this happens you will know that any information you type into that page will be encrypted when it is sent out.
Encryption is used when you register or login to the website and when you are on the final purchase page. If, however, you visit Firstmed from another website such as Freeserve, then a padlock will not be displayed in your Internet browser due to the Freeserve menu bar at the top of the screen. It is because of this bar the browser will not display a padlock, even though when you order the website uses https:// to send the details. If you came straight to www.firstmed.co.uk then this would show a padlock when an order was placed.
What level of encryption do we use?
We use 128bit SSL (secure socket layer) level encryption which is one of the most advanced encryption technologies available today. This is provided by Geotrust.
Any information sent over the internet is encrypted into an unbreakable code before it is sent. This ensures that no third party can intercept and decipher your personal information. It is certainly much safer than giving your credit card in a restaurant or mail order over the phone.
Do you keep my Credit Card details?
Your credit card details are transferred over a highly secure VPN (Virtual Private Network) to our authorisation server which is not directly connected to the Internet. Your credit card details are then entirely deleted from our systems after the transaction has been completed.
What about Server and Firewall security?
Our database servers, where your personal details are stored, are not accessible from the internet and are monitored 24hrs. They are continually updated to have the latest versions of software ("patches") providing the highest levels of security and reliability available for those systems.
Firstmed have invested in the highest standard firewalls available which are the same as used by many banks and telecom companies. These are dedicated hardware devices which deter and prevent hackers from reaching our systems. In the interests of security we do not provide details of these to third parties.
Q: What physical security do you have?
A: Our web and database servers are held in a totally secure purpose-built location with access only available to authorised and validated personnel using advanced code and fingerprint identification. There is 24 hour security and CCTV monitoring.
Q: I'd like some further reassurance.
A: Our security platform has been independently evaluated and reviewed by World Pay in line with PCI DSS compliance.
If you have any further questions or would like to review our security policy in full please feel free to email us.