Flo Health steps up privacy commitments with new ISO certification
Period tracking app Flo Health has attained ISO 27701 certification - a gold standard for privacy.
Flo Health, the world’s most popular female health app, has secured further certification for its commitment to privacy, data protection and information security.
The scale-up has announced it has attained ISO 27701 certification — the gold standard from the International Organization for Standardization (ISO) for Privacy.
This new certification builds on the foundation laid by the Information Security ISO 27001 certification secured in 2022 (and subsequently recertified in 2023).
Flo Health shares that this privacy certification is particularly rare in the health technology sector and Flo’s attainment of dual ISO 27701 and ISO 27001 certifications sets a new standard in female health tech.
Sue Khan, Data Protection Officer at Flo Health, said:
“As the most downloaded female health app worldwide, it is our responsibility to ensure the utmost privacy of the Flo app.
“In 2023, we achieved remarkable milestones, including the establishment of our Privacy and Security Advisory Board, the open-sourcing of our Anonymous Mode feature, and the integration of post-quantum cryptography into this feature.
“Beyond this, our award-winning Anonymous Mode feature was recognized as one of Fast Company’s 2023 World Changing Ideas, TIME’s Best Inventions of 2023, and won the IAPP’s Privacy Innovation Award.
“Achieving the ISO 27701 Privacy Certification is an acknowledgement that privacy is indeed embedded within Flo’s organisation and is a testament to Flo’s commitment to safeguarding user data in accordance with the most stringent global privacy standards. We look forward to all that we will accomplish together in 2024.”
The importance of privacy in female health apps
Data privacy is a critical factor for FemTech and a crucial part of building and maintaining trust and reputation.
Users - and regulators - need to be sure that personal data held is stored safely and not shared with others. Unfortunately, some poor data privacy practices in the past, and fear as a result of Roe vs Wade, mean some of this trust is fragile.
The Privacy ISO 27701 certification that Flo Health has secured is an internationally recognised standard in privacy and data protection and serves as a formal independent seal of approval for Flo’s privacy program.
It provides a framework for organisations to manage and demonstrate compliance with privacy laws and regulations and is designed to help organisations establish and maintain effective privacy management practices, ensuring the protection of personally identifiable information.
The ISO 27701 Privacy standard maps specifically to GDPR articles and requirements. This standard is a way of demonstrating that effective systems are in place to support compliance with GDPR and other related privacy legislation. Flo’s processes were tested and successfully audited in a variety of privacy domains, privacy-by-design and the fulfilment of user rights.