Your data is stored on virtual private servers at remote data centers in the United States. Data centers are unmarked to maintain a low profile. Physical access is limited to data center technicians and is controlled by biometric sensors. Security cameras provide 24/7 monitoring, and staff are on-site around the clock.
Server systems are similarly well protected from virtual intrusion or disruption. Your system is installed on a hardened, patched operating system, with system patching configured to provide ongoing protection from exploits. Dedicated firewalls and VPN services help to block unauthorized system access to the server, and measures are in place to mitigate distributed denial-of-service attacks.
Secure System Access
We also have strong operational security measures in place to protect against unauthorized access to your data, including:
- Password policies in place to ensure that strong passwords are used and are changed periodically, in accordance with password best practices.
- Logging, including IP address, date, and data requested, of all data requests and login attempts.
- Automatic user account lock-out after multiple successive failed login attempts.
- Password-protected databases.
- Differentiated levels of access permissions based on user and role.
- Automatic logoff after a period of inactivity.
- DOM intrusion detection – intrusion attempts are automatically reported to, and monitored by, the system administrator.
Secure Data Transmission
Data in transit is similarly well-protected. All data transmissions to or from the EMR are forced over 128-bit or 256-bit Secure Sockets Layer (SSL)-encrypted channels and most file uploads occur over https (HyperText Transfer Protocol with SSL). And file transfers occur over Secure Shell (SSH), a network protocol for secure data communication over an unsecured network (such as the internet).