Like you, we take data security very seriously. We follow guidelines specified by HIPAA Security Rule Standards 164.308, 164.310 and 164.312 (Administrative, Physical and Technical Safeguards). Our combination of hardware- and software-based security, plus proven security practices, protects your data against loss, corruption, or unauthorized access.
Sensitive data is stored only within the customer database, and each client’s data resides in a physically separate database from other Selerix customers.
To enhance security on our system’s network, we divided our servers into multiple security zones, each zone separated logically via a firewall device. Our network security permits only authorized traffic to access the system from the outside or between the zones. Administrative traffic is restricted to authorized VPN users whose access is controlled via two-factor authentication.
In addition to hardware firewalls, our servers are protected by enterprise-class antivirus and firewall software.
The BenSelect system uses 256-bit encryption and Transport Layer Security (TLS) for all personal information transmitted over the Internet. The system also encrypts all backups before transmission off-site.
Role-Based User Access
User access to the system is governed by Roles, which are groupings of permissions that specify which users have access to what sets of features. These roles are defined within the system and added to user accounts. System administrators may create new roles through the administrative site.
Users log in with unique usernames and strong passwords. For further security, each user account carries a set expiration date, after which a user can no longer log in until an administrator resets that user’s account. Single sign-on is supported through web service integration.
Secure Data Centers
All data is stored on Selerix-owned and Selerix-managed systems. These systems are located at two separate SSAE16-compliant hosting facilities and have support staff available on a 24/7 basis. Access to our systems in these facilities is restricted to a limited number of authorized personnel, and physical access is monitored and controlled by closed-circuit TV, proximity readers, biometrics and escorted access.
Client databases are backed up within the cluster to a standby database server. In addition, backups are encrypted and copied to a remote off-site location at 15-minute intervals.
Security updates are applied on a recurring basis based on level of criticality and applicability. Critical security updates are applied within 48 hours of patch release.