To protect the confidentiality of information and/or electronic data including Protected Health Information as defined by HIPAA Privacy Rule 45 CFR Part 164 (collectively, “Data”), Morehouse utilizes the following physical and electronic safeguards;
Authentication and Passwords A valid user ID and password is required for online access to enter the application systems and/or access Data maintained in our online application systems.
Internet Security and Encryption We use Internet security features to protect Data from unauthorized external access. Secured Socket Layers (SSL) at 128-bit or higher data encryption are used to prevent authorized users from intercepting transmitted data. Data is protected from unauthorized external access through the use of firewalls.
Access We restrict access to Data only to authorized personnel. Security levels further limit particular aspects of a client’s data to specific personnel. Electronic Data will not be stored in shared common network file storage areas. We also impose user restrictions upon individuals authorized to access electronic Data to limit access and/or modification of Data.
Physical Security The physical environment of computer systems containing Data is highly secured. Each Morehouse data center is constructed with power supply redundancy, sophisticated environmental controls and a full security system that limits physical access to computer hardware to only individuals holding a valid electronic key card and a personal identification number.