Anesthesia Billing Software Services: Customer Data Protection Methodology
How Cognizant Approaches Data Security
Data security refers to protective measures used to prevent unauthorized access to computers, databases and websites. Data security also includes measures to protect clients from data corruption. This requires a comprehensive program to ensure our infrastructure, facilities and processes are securely managed. We believe so strongly in keeping our customers’ data secure that we have invested significant resources in becoming SOC2 compliant.
SOC2 Compliance
How do you know your software vendor is capable of delivering what is promised? You can ask, but how do you get a verifiable answer when you are dealing with the complexities of a cloud-based solution? The American Institute of Certified Public Accountants (AICPA) developed the SOC2 compliance standard to allow an outside company to audit the software vendor and attest to its ability to deliver.
SOC (Service Organization Control) is a set of standards specifically designed by the AICPA to ensure a company has adequate controls in place. Becoming SOC2 compliant is a rigorous, time-intensive process. We engaged an outside firm to guide us through this process, to complete an onsite audit and to issue a final report. The result of this effort proves to our customer base that we have the proper controls in place to protect their data.
Encryption of Data Stored at Rest
We take tremendous precautions when storing customer data. Data stored in plain text can be read by anyone who has access to that data. Encrypted data, also called ciphertext, is in a form that cannot be read without the proper keys. We store all customer data in an encrypted format, utilizing the Advanced Encryption Standard (AES) with 256-bit keys. AES is the same standard adopted by the U.S. Government to protect classified information. Only a customer with the proper key can access the encrypted data.
This encrypted data is housed in a highly secured data center. This enterprise-class data center has multiple telecom providers for connectivity and is located on two separate power grids with backup generators capable of sustaining the facility. It was constructed to withstand a major tornado, and contains advanced fire suppression systems. A person cannot gain access to the facility without being pre-authorized, obtaining the proper badge and successfully passing the biometric screening process. The entire facility is under video surveillance and the servers are contained within locked racks.
We also store an encrypted copy of the data and the application at Amazon Web Services. Although we don’t foresee there being an impact to our data center, this secondary copy helps ensure our customers’ data is always available should an interruption ever occur.
Encryption of Data in Transit
Despite all the security methods in place for data at rest, the data must also be encrypted while in transit. We also utilize AES encryption for customer data en route between the machine and the data center. Even if the data is intercepted by an unauthorized individual while in transit, it is still in an encrypted state. This helps prevent hackers from exploiting vulnerabilities in internet connections and stealing passwords, eavesdropping on patient information or collecting sensitive data.
Comprehensive Security Strategy
We employ a comprehensive strategy to ensure that stored data, and data moving into or out of the data center or over the Internet, is encrypted. Our highly knowledgeable staff maintains a diligent focus on protecting our customers’ data.
Learn more by clicking here, or give us a call at 866-634-7377.