Security Statement

To protect the confidentiality of information and/or electronic data including Protected Health Information as defined by HIPAA Privacy Rule 45 CFR Part 164 (collectively, “Data”), ActiveHealth utilizes the following physical and electronic safeguards;

Authentication and Passwords

valid user ID and password is required for online access to enter the application systems and/or access Data maintained in our online application systems.

Internet Security and Encryption

We utilize Internet security features to protect Data from unauthorized external access. Secured Socket Layers (SSL) at 128-bit or higher data encryption are used to prevent unauthorized users from intercepting transmitted data. Data is protected from unauthorized external access through the use of proxy servers and firewalls.

Access

We restrict access to Data only to authorized personnel. Security levels further limit particular aspects of a client's data to specific personnel. Electronic Data will not be stored in shared common network file storage areas. We also impose user restrictions upon individuals authorized to access electronic Data to limit access and/or modification of Data.

Physical Security

The physical environment of computer systems containing Data is highly secured. Each ActiveHealth data center is constructed with power supply redundancy, sophisticated environmental controls and a full security system that limits physical access to computer hardware to only individuals holding a valid electronic key card and a personal identification number.

Last updated: 04/08
Reviewed: 3/2010