Security at every level
At Relaymed, privacy and security are our top priorities — not boxes to be checked during a once-a-year review.
We want to go beyond HIPAA compliance, which is why our systems are assured by HITRUST, the most widely adopted security control framework in healthcare. A rigorous and challenging test, this demonstrates to our customers and partners that data security is the highest priority at Relaymed.
Given the nature of our product, our security safeguards cover data at rest and in transit.
- We’re hosted on Microsoft Azure and have a business associate agreement (BAA) in place with Microsoft.
- Data is only stored within the United States.
- Our entire database is encrypted with Microsoft’s Transparent Data Encryption technology. This helps protect against the threat of malicious offline activity by encrypting data at rest.
- The database encryption key is protected by a built-in server certificate. The built-in server certificate is unique and the encryption algorithm used is AES 256.
- We undergo multiple third-party audits yearly, including penetration testing with ethical hackers. This ensures any security issues are resolved before they have a chance to arise and that data is properly guarded.
- We store sensitive credentials as salted and hashed values for an additional layer of security.
- We use static code analysis to regularly scan our code base and find and address any security vulnerabilities.
- Between the Relaylink and our cloud, and our cloud to EHRs, end-to-end encryption is done to secure all data transmitted over an HTTPS connection. Our SSL policy is to use TLS1.2 using Microsoft Azure recommended settings.
- Alternatively, where an EHR requires, traffic is encrypted via a secure VPN connection. We use an IPsec protocol to ensure all traffic within the VPN is encrypted and authenticated.
We know that technology changes and new threats emerge, so Relaymed is ever vigilant and committed to continually working on security enhancements.
At each and every level of Relaymed, we foster a culture to make safeguarding patient data part of what we do. This ensures our operational security.
If you have any questions about our security measures or technology, feel free to reach out to us.
Like to learn more?
No problem. Get a one-to-one call with a Relaymed consultant today.