MDeverywhere assures that your patient information remains confidential and will meet the intent and spirit of HIPAA Regulations. We have taken the following steps to ensure the integrity and security of all client data:
Security and data restriction features of the MDeverywhere ASP:
- Dedicated Checkpoint Firewall is monitored with 24 hours per day 7 days per week
- Continual Server monitoring 24x7 monitoring for all MDeverywhere servers
- THOMAS software to monitor critical Web performance functions using a series of tests, including:
- System load average and uptime; capacity and process usage
- Web server response time
- CPU and uptime monitoring
- Uninterrupted power backed by diesel generators.
- Tape backups and off site tape storage
- Video surveillance throughout the facility
- Environmental sensors that detect heat, humidity, air quality changes and motion.
- Fire detection and alarm system, fire suppression, redundant HVAC, dual power supplies.
- Personnel access control with access cards and monitors recording party, time of entry/exit, and location.
- The backbone routers are configured with redundant power supplies, maximum memory, and maximum processor options.
- Raised flooring
Servers:
- Database (SQL Server) runs on a clustered NT system (Raid 1)
- All other servers (Interface, Web, etc.) are Raid 5
- All data transmitted between the server and the site is 128 bit encrypted using SSL (HTTPS)
- Our data hosting center staff does not have access to MDeverywhere or MDeverywhere customer data
- Backup equipment is available for all servers in the event of disaster recovery
- Our data-hosting center is contractually prohibited from accessing or viewing MDeverywhere or MDeverywhere customer data.
Our data-hosting center has no rights of any nature to MDeverywhere data or MDeverywhere customer data.
|
