axion

COP_JOOMLA
       
 
 
compliance 

  SECURITY

Axion Health’s, ReadySet®, is an enterprise level, cloud-based technology platform, using highly scalable architecture for delivery to our customers. All data is stored in a secure and encrypted central repository, allowing for simultaneous, multi-access use of the platform. Minimal IT support is required by our customers to implement and maintain the platform.

 

Axion Health has an Information Security Program for safeguarding both Axion Health and customer confidential information. The program applies to all covered data and information received in the course of providing services to our customers. A third party Security firm evaluates Axion Health’s security program annually and adjusts as necessary including changes in Axion Health’s business operations, testing and safeguard monitoring. Regular compliance audits are also performed by a third party security firm.

 

 

 

 

keyProgram

 


complianceAndStandards    
    SECURITY COMPLIANCE AND STANDARDS

       HIPAA/NIST 800-53

  • ReadySet® is both NIST 800-53 and HIPAA compliant
  • Compliance documentation available upon request

  LineWhite

 monitoring    
    SECURITY MONITORING

 

  • 24/7 monitoring of system health and availability
  • Intrusion detection system active on all production systems
  • User access monitored and reviewed regularly

  LineWhite

security    
    SECURITY DETAILS

      

Vulnerability Scans

  • Full vulnerability scans including cross scripting and SQL injection tests done by independent security company

 

Encryption

  • All data is encrypted during transport, no exceptions

  • All PHI data is encrypted at rest, including all backups

  • Oracle 11G Advanced Security “Transparent Data Encryption”

 

Data Center

  • Axion Health partners with a secure national data center certified through the latest standards including
    SOC 2 Type II

 

Access Control

  • NIST 800-53 based identification and authentication policies and procedures

  • NIST 800-53 based access control procedures

  • Single Sign-on SAML assertion available

  • Two factor authentication available

LineWhite

 availability    
    AVAILABILITY

 

  • SaaS model provides 24/7 access from desktop, laptop and mobile devices
  • Public internet access over HTTPS for access anywhere

LineWhite

 audits    
    AUDITS PERFORMED BY EXTERNAL ASSESSOR (PARTIAL LIST)

 

  • Backup verification and data recovery testing

  • Vulnerability scan

  • Application penetration test

  • Software inventory and patch comparison

  • Firewall configuration review

  • Encryption policy compliance

  • Vendor and trusted partner access review

  • IT security policy review

  • Data center physical access control system

  • Audit of Axion Health internal controls

 

LineWhite

 business    
    BUSINESS CONTINUITY

 

  • Real time replicated disaster recovery site at geographically separated location

  • Off-site backups

  • Contingency planning

  • Power failure controls

  • Active/Active redundancy throughout the system

  • Incident response

 

Interested in More Information? Click Here

 

 

 

 

 

 

ytb tw in