Story
7 min read

How Birdie simplifies security and compliance

“Compliance in health tech is different – it’s not just ticking a box. It reflects how seriously we take our responsibility to protect customer data.”

Jon Dodkins
Head of Platform, Birdie
Table Of Contents
TOC Item
Website
https://www.birdie.care/
Founded
Industry
HealthTech
Funding Raised
Headquarters
Development Team Size
30s
Fastest time to resolution

In the health tech industry, where safeguarding sensitive patient data is critical, Birdie – a digital home care platform – has made security a cornerstone of its operations. Birdie’s platform enables care agencies to streamline their processes and empower caregivers, but with such sensitive data at stake, their commitment to security has driven them to innovate and evolve continuously.

Birdie partnered with Aikido to layer security into their operation, meet rigorous compliance standards, and prepare for the future of healthcare technology. Below you’ll learn how.

Security as a Core Value at Birdie

At Birdie, security isn’t just a priority – it’s part of the company DNA. For both the platform team and the broader organization, protecting sensitive patient data is non-negotiable.

Harry, Birdie’s Platform Engineering Manager, describes security as the “name of the game” for his team. Managing the infrastructure and developer experience means ensuring that every feature is secure by design. This approach extends to all engineering teams at Birdie, emphasizing that security is everyone’s responsibility.

Jon Dodkins, Birdie’s Head of Platform, highlights the stakes involved:
“In healthcare, there’s nothing more important than keeping patient data secure. It’s not just about meeting compliance standards—it’s about doing the right thing for our customers.”

This shared commitment has driven Birdie to embed security practices deeply into their workflows, from feature design to day-to-day operations.

Simplifying Compliance in Health Tech

Compliance is a major focus for Birdie as they work to meet industry standards like ISO 27001 and NHS requirements (UK’s governmental regulatory body). As a health tech company, they must navigate some of the strictest regulatory landscapes, and tools like Aikido have become essential in making this process manageable.

Jon explains, “Compliance in health tech is different – it’s not just ticking a box. It reflects how seriously we take our responsibility to protect customer data.”

Harry agrees, emphasizing how Aikido has streamlined their compliance journey. “Aikido’s compliance automation features and audit reports have been a massive benefit. They help us stay on top of regulations and make audits far easier to manage.”

Aikido’s real-time scans and actionable insights have allowed Birdie to stay ahead of potential risks while building a foundation for future standards, such as HIPAA, as they scale.

“As we move into the scale-up phase, having tools that foster a culture of security across the organization is crucial. Aikido has been instrumental in leveling up our security operations.”

Addressing Security Challenges

For a company handling sensitive data, the risk of breaches is always top of mind. Harry describes the constant vigilance required:
“The thing that keeps me up at night is the risk of a breach. They’re common in our industry, and the consequences are enormous.”

To mitigate these risks, Birdie needed a tool that would provide visibility into their attack surface while enabling swift action to address vulnerabilities. Aikido delivered exactly that, along with features that made it accessible to their small team.

“With Aikido, we can fix an issue in just 30 seconds – click a button, merge the PR, and it’s done.”

Why Birdie Chose Aikido

Birdie evaluated multiple platforms before choosing Aikido, and several factors made it the clear choice.

  1. Ease of Use: Aikido’s user-friendly interface and seamless integration with tools like GitHub made it an easy fit for Birdie’s workflow. Further, the platform’s feed, which consolidates vulnerabilities into a single view and allows filtering by team or domain, has become a favorite among Birdie’s platform team.
  2. Contextual Insights: By grouping vulnerabilities and providing context, Aikido made it simple for engineers to address issues without additional support.
  3. Rapid Time to Resolution: Features like autofix allow Birdie to resolve vulnerabilities in record time. Harry shares, “With Aikido, we can fix an issue in just 30 seconds – click a button, merge the PR, and it’s done.”
  4. Compliance Reporting: With real-time compliance scans and reporting modules, Aikido simplifies the process of meeting regulatory requirements. This feature has been instrumental in Birdie’s efforts to stay compliant and prepare for future standards.
  5. Real time Support: Harry recalls the outstanding support they received so far. “Having the Aikido team in a Slack channel with us was a game-changer. It felt like a true partnership.”

“This is the first time at Birdie where everyone’s talking about security, and that’s a testament to tools like Aikido."

Scaling Security for the Future

As Birdie continues to grow, their security needs will only become more complex. With Aikido’s support, they are building a solid foundation to meet these challenges head-on.

Jon summarizes their journey:
“This is the first time at Birdie where everyone’s talking about security, and that’s a testament to tools like Aikido. They’re helping us scale securely and build toward the future of healthcare.”

Download Case As pDF

Other great stories told by our customers

PE & Group Companies
Delivering SCA and beyond to 6,000+ developers.
View story
Visma
FinTech
Minimizing false-positives, while keepig GitHub as the single source of truth.
View story
Bound
HealthTech
Birdie's fastest time to resolution? 30 seconds.
View story
Birdie
Software Development
Marvelution weaves security into it's one-word business plan: "fun".
View story
Marvelution
HealthTech
Realizing efficiency gains, from one intuitive interface to pentests behind the login wall.
View story
Mediquest