• Security Standards

Partner Data Is Our Priority

 

Interpoint Partners has more than 20 years of experience with Internet security, design, and implementation – we understand how important safe and secure information is to our clients. Executing the right decision at the right time ultimately depends on a solid data infrastructure foundation of security, consistency and integrity. At Interpoint, that is precisely what we’ve done.

By law, all healthcare organizations and their business partners are required to create a set of HIPAA compliant policies and procedures. However, we recognize that not all organizations take the same precautions, or even show the same level of dedication to ensure these measures are followed. For this reason, we strive to exceed the expectations of our clients on all fronts of data security, and we’ve built upon the industry-standard “Best Practices” to deliver a fully comprehensive set of policies and procedures of our own.

Our Physical Security

  • Data center is staffed 24/7
  • Visitors are required to sign in and be escorted
  • Facility maintenance records and facility security plans are documented
  • No public access to data center is permitted

 

Our Network Security

  • Hardware and software firewalls (written record of configuration is in place)
  • Daily port scanning – Hacker Safe(tm)
  • Pro-active network monitoring; multi-tiered server environment to ensure database servers are not on the Internet

 

Our Password Security

  • Employees who have access to EPHI are clearly identified, classified, and type of access is logged
  • Clients who have access to EPHI are clearly identified, classified and type of access is logged
  • Employees who are authorized, established access, modified access, or terminated are clearly identified
  • On-going training for employees who have access to PHI
  • All third party vendors who have access to PHI are clearly identified, and are contractually obligated to comply with HIPAA safeguards

 

Our Data Transmission Security

  • All data received via secure-FTP over SSH (encrypted using industry-strength 128 to 256-bit cyphers)
  • All data transmitted via HTTPS (encrypted using industry-strength 128 to 256-bit cyphers)
  • Hacker Safe logo – daily testing

 

Our Data Integrity

  • All data received is verified with Interpoint’s own reasonableness check
  • All data received is verified with client provided checksum
  • All data is backed up nightly in an off-site location

 

Our Contingency

  • Disaster recovery plan is in place
  • Disaster recovery plan is verified by industry professionals
  • Disaster failure analysis is clearly documented
  • Instructions are documented for how to deal with security breaches