SDSA uses the following technologies and procedures to protect your PHI:
The databases containing your PHI are password protected and stored on our
secure servers that are not accessible from the public Internet. The servers
are located in our camera-monitored server facility and are physically secured
using unpowered combination locks. Only SDSA network administrators are granted
access to the server facility.
SDSA network passwords meet complexity requirements and are changed on a
regular basis.
All SDSA servers utilize anti-virus software and are kept up to date using
automated update procedures to maintain the virus definitions and
vendor-supplied operating system security patches.
All off-site backup media is stored in a locked deposit box at a local bank.
All SDSA Internet access is monitored and filtered using proven firewalling
devices that feature robust security, performance, and reliability.
SDSA web site on-line access registration is completed using an out-of-band
(non-Internet) process to ensure HIPAA compliance and safeguard against identity
theft.
The SDSA web site utilizes Secure Sockets Layer (SSL) encryption on all page
requests that involve collecting or displaying sensitive information such as
PHI.
Cookie values generated by the SDSA web site are encrypted using the
industry-standard MD5 algorithm. Your web site password is also encrypted using
the industry-standard MD5 algorithm.