We put security, privacy and compliance at the top of our priorities when we developed Relaymed. As a result, we ensure our service is fully HIPAA compliant, so that stakeholders have peace of mind. To demonstrate our HIPAA compliance, we provide all clients with a Business Associate Agreement (BAA).
Our systems are also HITRUST CSF assured. This is the most widely adopted security control framework in US healthcare, such is our commitment to this aspect of our service.
Our security process covers 3 key areas: data at rest, data in transit, and access controls.
Data security at rest
Every server that handles sensitive data operates with full disk encryption, and our databases operate with Microsoft’s Transparent Data Encryption technology. This means all data which rests within our servers is protected.
Data security in transit
We continually improve our web service in response to cutting edge security research (in light of the BEAST and POODLE attacks, for instance) meaning that our web infrastructure is continually reviewed to ensure that it is protected against any threats that might come our way. We have full support for the TLS 1.2 web access model for HTTPS, as included in modern browsers. Where necessary, our network infrastructure provides end-to-end encryption with IPSec, for communication with customer servers.
The final piece of the security puzzle is access controls. We provide fine-grained controls that allow customers to control access to their data by location and feature. This ensures that only approved personnel can handle sensitive information.
Like to learn more?
No problem. Get a one-to-one call with a Relaymed consultant today.