Through HIPAA (Health Insurance Portability and Accountability) the United States is providing privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals and other health care providers.
HIPAA is an effective compliance at Total Language and requires the following:
- Security Incidents– Total Language will track unauthorized access attempts in an effort to reduce risk and exposure to threats from outside network attacks and malware.
- Access Management– Total Language requests to/from our servers are made over encrypted https (TLS 1.2) using only the most secure cipher suites. As well as AES 256 encryption.
- Encryption and Decryption–Total Language infrastructure is a multi-tenant public cloud solution with the ability to segregate data by tenant on their own dedicated instance. All User information is encrypted within the Total Language database.
- Key Management– The key management service we utilize takes advantage of Hardware Security Modules to protect the security of the keys.
- Logging and Audit Controls– HTTPS is the only form of communication allowed to the Total Language API. The SSL certificate can (and should) be validated in the client’s web browser. All security incidents are escalated to senior technical staff and when found to be true threats are logged against the internal ticketing system for mitigation.
- Monitoring–Total Language monitors all servers and network hardware the application is running on. Roles Based Management can be used to restrict access to those users who should not have access to PHI information.
- Additional Security Incidents– Security incidents are communicated to administrators through email/text/phone call and require recognition to close incident or same notifications remains open and hits additional administrators.
If you would like to learn more about Total Languages HIPAA Compliance, download our document here.
At Total Language, we are always staying up to date with privacy trends for our customers. Total Languages security framework is based on the ISO 27001 Information Security Standard and includes security mechanisms that cover:
- Total Language Personnel Security
- Product Security
- Cloud and Network Infrastructure Security
- Continuous Monitoring and Vulnerability Management
- Physical Security
- Business Continuity and Disaster Recovery
- Third Party Security
- Security Compliance
Totals security is represented at the highest levels of the company, with our Chief Information Security Officer meeting with executive management regularly to discuss issues and coordinate company wide security initiatives. These policies and standards are available to our entire team. Total Language is confident that our network security team has deployed the most advanced security features to meet and exceed all regulatory and government requirements, as well as the trust of our customers and vendors.