Data Encryption (in transmission)
Data Encryption (at rest)
HIPAA-Compliant Business Standards
Encryption is a technique used to protect your data and it takes many forms. Imagine if you were to take your digital information and put it through a virtual paper schredder, jumble it up, and then lock it away in a safe. Even if someone could break into that safe and look at your bits of information they would be meaningless to them. That's encryption in a nutshell.
Industry standard AES 256-bit encryption is used at all points where patient information is transmitted between a user and our servers. This includes full encryption for information shared by providers and patients, as well as encrypted transmission of uploaded/downloaded documents and images.
All patient data and billing information is stored in encrypted database tables using standard AES 256-bit. All documents and images uploaded by a patient or provider are stored encrypted, as well. Full drive encryption is in place for all hard drives storing patient information and website operation data using SHA-512 encryption standards.
Audio and video for all sessions are transmitted over an encrypted channel using industry standard cryptographic primitives. Audio and video streams are decoded as received by a participating provider or patient.
Multiple servers are used to handle specific tasks, such as webhosting, data storage, and video session management.
Each server is uniquely configured with separate access details, software decryption keys, permissions, and safeguards. Access to systems containing sensitive information is restricted to an internal network structure.
We use an enterprise-class hosting solution that provides all necessary tools for maintaining HIPAA-compliant security measures and patient privacy.
Our encryption standards ensure that our hosting solution has no access to sensitive patient information at any time.
In accordance with the newly-announced 2013 HIPAA guidelines and regulations, suppliers of telemedicine software solutions are required to maintain HIPAA-compliant security and business practices. Further, healthcare providers are required to enter a Business Associates Agreement (BAA) with their telemedicine software supplier. We maintain HIPAA standards and enter into a mutual BAA with each CloudVisit Telemedicine subscriber.