Axion Health’s, ReadySet, is an enterprise level, cloud-based technology platform, using highly scalable architecture for delivery to our customers.
All data is stored and transmitted securely with encryption at rest and in transit, allowing for simultaneous, multi-access use of the platform. Minimal IT support is required by our customers to implement and maintain the platform.
Axion Health has an Information Security Program for safeguarding both Axion Health and customer confidential information. The program applies to all covered data and information received in the course of providing services to our customers.
A third party Security firm evaluates Axion Health’s security program annually. Axion Health adjusts, as necessary, our business operations, testing and safeguard monitoring. Regular compliance audits are also performed by a third party security firm.
Security Compliance And Standards
ReadySet is compliant with, HIPAA, NIST-800-53, SOC 2 Type II. Compliance documentation available upon request.
24/7 monitoring of system health and availability
Intrusion detection system active on all production systems
User access monitored and reviewed regularly
- Full vulnerability scans including cross scripting and SQL injection tests done by independent security company
- All data is encrypted during transport, no exceptions
- All PHI data is encrypted at rest, including all backups
- Oracle 11G Advanced Security “Transparent Data Encryption”
- Axion Health partners with a secure national data center certified through the latest standards including
- SOC 2 Type II
- Industry-standard based identification and authentication policies and procedures
- Industry-standard based access control procedures
- Single Sign-on SAML assertion available
- SaaS model provides 24/7 access from desktop, laptop and mobile devices
- Public internet access over HTTPS for access anywhere
Audits Performed by External Assessor
- Backup verification and data recovery testing
- Vulnerability scan
- Application penetration test
- Software inventory and patch comparison
- Firewall configuration review
- Encryption policy compliance
- Vendor and trusted partner access review
- IT security policy review
- Data center physical access control system
- Audit of Axion Health internal controls
- Real time replicated disaster recovery site at geographically separated location
- Off-site backups
- Contingency planning
- Power failure controls
- Active/Active redundancy throughout the system
- Incident response