Security Program Highlights at Zenith
Data Protection and Privacy
Advanced Encryption: Utilization of AES-256 encryption for data at rest and in transit.
Data Confidentiality: Adherence to confidentiality policies, with no third-party data sharing outside the Privacy Policy.
Sensitive Information Handling: Strict protocols for dealing with sensitive health information.
Access and Authentication
Secure Access: Robust authentication mechanisms for sensitive data access.
Granular Access Control: Strict measures to ensure resource access is limited to authorized individuals.
Role-Based Access Control: Different access levels based on user roles within a healthcare practice.
Secure Login Credentials: Enforced strong login credential rules and secure password storage.
Automatic Logout: Sessions end automatically after inactivity for enhanced security.
Data Security and Compliance
Healthcare Data Compliance: Compliance with HIPAA and other industry standards in healthcare data management.
Data Integrity and Availability: Advanced technology for continuous data availability and access.
Server Protection: Physical and electronic security at data centers, with robust firewall protection.
Infrastructure and Application Security
Comprehensive Infrastructure Security: Advanced tools for encryption key management and secure configuration.
Robust Web Application Protection: Deployment of advanced firewall technologies against web exploits.
Secure Container Management: Secure environment for containerized applications, including automated vulnerability scanning.
Secure API Deployment: SSL/TLS encryption and access control for secure API management.
Communication and Data Transfer
Encryption and Secure Communication: SSL AES 256-bit encryption for user-server communication.
Digital Certification: Use of digital certificates from reputable authorities for site and app authentication.
Billing Security: Plain credit card information is never stored on our servers. Credit card data is transmitted through encrypted channels. The data is securely stored by our PCI-compliant payment processing partners, ensuring high levels of security and compliance.
User Control and Monitoring
Access Control and Permissions: Account owners manage access to patient charts, billing, and scheduling records.
Notifications and Session Tracking: Alerts for logins from new devices and detailed session logs.
User Activity and Message Tracking: Detailed reports on user activity and message logs for monitoring.
Clinic-Level Access Control: Account owners assign access levels for user data confidentiality.
Additional Security Measures
Resilient Data Storage and Backup: Robust data storage and backup strategies for data durability.
Information Storage and Maintenance: Contact Zenith support for details on information storage.
Protecting User Privacy: Recommendations for users to enhance their privacy and security.
Firewall Protection: Comprehensive firewall systems to protect servers from unauthorized Internet access.