Our Security, Briefly Stated
AllOne Health’s most important concern is the protection and confidentiality of Customer and Client data. Our servers are protected by high-end firewall systems, and scans are performed quarterly to ensure that any vulnerabilities are quickly found and patched. Complete penetration tests are performed yearly. All services have quick failover points and redundant hardware, with complete backups performed nightly.
Access to systems is severely restricted to specific individuals, whose access is monitored and audited for compliance.
Customer and Client data is processed (stored, collected, retrieved) in our DataCenter located in Wilmington, MA.
AllOne Health uses Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data.
Regarding HIPAA, HITECH, and specific data types: AllOne Health provides services where all data is processed equally, without regard to how a Customer might classify their data. As such, AllOne Health cannot declare or represent any data entered into its services. Any processing of specific data types is purely incidental, and not required to use the services.
HITECH (Health Information Technology for Economic and Clinical Health Act) updated HIPAA rules to ensure that data is properly protected and best security practices followed. AllOne Health safeguards all Customer and Client data and uses a secure data center to ensure the highest protection as per HITECH requirements.
ISO 27001 Certification
On June 14, 2018, AllOne Health achieved ISO 27001 certification. Click here to download the Certificate of Registration.