HIPAA Compliance & Security Features
We take privacy and security very seriously. We implement state of the art security and encryption protocols to assure that data integrity and privacy is maintained. Akos Connect offers complete HIPAA compliance and follows strict guidelines to ensure the highest levels of security. Below is a listing of some of our included features.
Our HIPAA-compliant server is backed up to a separate facility other than the data center
Security Information and
Event Management (SIEM)
The Server Log Management function indexes server logs and creates a searchable index for log file analysis or log auditing. HIPAA compliant cloud hosting guidelines require log collection.
Electronic PHI is encrypted as regulated by the HIPAA Security Rule to meet standards in accordance with HIPAA Compliance. This process is used as a safeguard for risk management to protect the data contained within. Under HIPAA compliancy guidelines, PHI data must be encrypted both at rest and in transit. Your data stored in the cloud is encrypted with AES-256 symmetric cryptography and your data in transit is encrypted with an RSA 2048 bit key.
Web Application Firewall (WAF)
Blocks and monitors network traffic at the application level. Rule customization and advanced security features protect applications and services. The web application firewall (WAF) complements a physical firewall. Whereas a physical firewall allows traffic through HTTP and HTTPS, the WAF filters attacks to stay within the HIPAA compliant web hosting guidelines.
Business Associate Agreement
Provides assurance that HIPAA Compliant data will be safeguarded and protected by an entity that provides services for a HIPAA Compliant organization. The Business Associate Agreement must be provided in writing to the covered entity.
A method of authentication that is more secure than using a simple password alone. It employs the use of a second factor that adds to the complexity of the user authentication.
Vulnerability Assessment Scans
Run regular vulnerability assessment scans in order to reveal any weakness in security that should be remedied.
Host Intrusion Detection
Monitors log activity and sends email alerts to the system administrator when an anomaly is detected. HIDS automatically adds firewall rules to block the source of any anomaly.
Manage password policies to ensure they are being changed on a regular basis and they are complex enough to meet the security policies.