We understand the importance of security and compliance in today’s business world and we are committed to protecting the information of your members.
Our compliance program incorporates risk-based control reviews, annual internal and external audits, third-party contract and vendor management reviews and provider compliance assessments to ensure continued compliance with regulatory requirements.
Our Security Program is designed to limit access to the entire network environment, and we utilize a variety of controls to prevent environmental misuse of information.
We understand the potential impact on our clients and our organization if member data or payment information were to be compromised.
Our cloud platforms leverage the most state-of-the-art technology provided by our partners.
All critical data is stored on highly redundant, highly performant storage systems that are monitored for stability, tuned for performance, and configured to tolerate multiple failure of individual components. All data and system files are automatically backed up on a regular basis to minimize the risk of data loss and enable the recovery of data with minimal downtime.
Our network architecture has been designed to minimize the threat of outside attacks. UTM firewalls, Demilitarized Zone (DMZ), and an Intrusion Detection/Prevention System (ID/PS) are deployed to protect the network segments where the relevant applications reside.