Skip to main content
woman with a laptop standing in a server room woman with a laptop standing in a server room

Data Security, Privacy, and Infrastructure

woman with a laptop standing in a server room woman with a laptop standing in a server room

Data Security, Privacy, and Infrastructure

There’s nothing we take more seriously than being good stewards of your data. Not only do your consumers trust you with their personal information, but you must adhere to rules and regulations of your stakeholders, contracts, and often government entities. You can be assured that iCarol will support your internal policies and workflows to uphold confidentiality policies while working behind the scenes to provide you the best security.

open laptop on desk showing that content is secured with image of a lock

What We Offer

Physically Secure Data Centers

  • Restricted access to approved personnel only
  • Continuous 24/7/365 monitoring
  • Robust physical and electronic security
  • Fire suppression
  • CCTV monitoring of Entrances/Exits

Disaster Recovery/Business Continuity

  • Primary data center with backups
  • Ongoing data backups for file servers and databases
  • On-site generators
  • Full Business Continuity and Disaster Recovery Plan available upon request

Ongoing Maintenance and Updates

  • Cloud-based and fully managed
  • Monthly security updates during low impact times
  • Minimal if any impact to users
  • Failover testing
  • Anti-virus protection
  • Seamless monthly releases
  • Automatic access to improvements, fixes and enhancements

Scalability

  • Enterprise virtualization technology
  • Servers added/removed based on load and need
  • Failover and load-balancing from mulitple servers and databases in each iCarol environment
  • Balanced usage across multiple servers allowing seamless direction of traffic

Encryption

In Transit
  • HTTPS with 2048-bit SSL encryption
  • Transport Layer Security (TLS) 1.2 or higher
At Rest
  • 256-bit Advanced Encryption Standard (AES)
  • Private keys for Personal (PI) and Personal Health Information (PHI), free text fields

In-System Security Tools

  • Certify devices to prevent access outside authorized networks
  • User account and permission settings
  • Strong password requirement with 90-day resetting
  • Automatic timeouts after no activity
  • Sign-on and Activity Logs
  • Change Logging
  • Single Sign On available

HIPAA and Privacy Law Compliance

  • Business Associate Agreement (BAA) Signed with all customers
  • Annual HIPAA Risk Assessments
  • Outside audits
  • Ongoing mandatory training for all Harris Computer employees