Security

As a leader in providing advanced information-technology solutions for enabling access to clinical information over the web, 4Medica considers security to be critically important. The 4Medica application meets or exceeds the HIPAA guidelines on security and privacy of patient records, which require the following controls:

  • Account information cannot be accessed without the proper Username and Password combination assigned to each User.

  • Automatic log-off in case of inactivity

  • In order to ensure limit the information viewed by certain Users, 4Medica provides ability to assign Role Based Security for access to medical and other information, by authorized personnel within a clinical setting.

  • All information transmitted via the Internet uses 128-bit encryption and Secure Sockets Layer (SSL) so that only the intended recipient can have access to it.

  • An Audit Trail in order to track all records viewed and changed by a particular User.

Data Center
All Users connect to 4Medica servers at our secure Data Center. The data between the individual Laboratory Information System (LIS) at the laboratories and 4Medica servers is exchanged using Virtual Private Network (VPN) for high level of security.

The Data Center architecture is designed for High Availability with complete Redundancy and Security. 4Medica has invested significant resources to ensure Disaster Recovery by creating two completely replicated Data Centers located in Los Angeles and New Jersey at Savvis, a leading provider of managed hosting service. 4Medica servers have power back-ups and multiple pipes for redundant internet pathways. Our data servers sit behind several layers of security and firewall protection. The Savvis co-location facilities provide security measures that include controlled access to the building through restricted floor access, motion sensors and surveillance cameras.

Your sessions
You can determine if your session is encrypted by checking the icon in the lower left or right corner of your browser. Below are icons that you should be looking for:

Entity Authentication
Proper identification of users prior to authorizing access is critical. Procedures for identification of users include personal contact and verification of providers' licensing documents.

Accountability (Audit Controls)
User access to account information is logged and monitored via security audits trails that can provide complete record of user activity while they were logged in the system.

Physical Security
4Medica servers are located at Savvis, a leading provider of managed hosting services, co-location facilities in Los Angeles and New Jersey. Redundant Internet paths ensure high availability of service.

Changes to this Security Policy
4Medica may amend this policy from time to time. If we make any substantial changes we will notify you either by e-mail or by posting an announcement with any significant changes on the 4Medica website. You should also check this posted Security Policy for any future changes. If you do not agree to the terms of this Privacy Policy or any revised policy, please exit the site immediately.