Serious Compliance & Security
Deploy Data Quickly with Peace of Mind
One of the most flexible and secure cloud environments available today, it provides an extremely scalable, highly reliable platform that enables our partners to deploy data quickly and securely.
Platform & Policy Tenets
To help you keep your data and systems secure in the cloud, we provide a wide variety of security features and tools. Our key platform and policy tenets include:
HIPAA compliant
PCI compliant
ADA accessible (WCAG 2.0 Level AA)
Externally audited for HIPAA Compliance, PCI compliance and SOC-II
Periodic penetration tests
1st class data hosting provider with PCI DSS Level 1, HIPAA, SOC 1, 2 and 3, and ISO 27001 certifications
Full encryption at multiple layers for data at-rest and data in-transit, including databases and/or files
High availability and 99.99% uptime
Tiered network architecture with multiple firewalls between each tier
Secure multi-provider architecture
Secure data integration supporting VPN, GPG encryption for file transfer, SFTP, and FTPS data transfer
Extensive logging and audits to ensure ongoing security
Authentication & Website Security
Patients who access and pay their bills through Simplee are required to log in (or authenticate) before accessing private information. These security features include:
Forced SSL encryption using 2048-bit RSA and SHA-256 key lengths
Daily vulnerability scanning
Online seal displaying up-to-date security status
Flexible patient authentication options including support for:
Anti–brute force hacking with Captcha and 24-hour account locking after several failed attempts
Unauthenticated payment allowing patients to pay without logging in. In this case, patients provide the minimal information required to complete a payment (such as account number, payment amount, and credit card information) and are not shown any statements or PHI
Extensive logging and audits to ensure ongoing security
Staff Experience Security
Simplee provides numerous features to ensure the security of the Staff Experience interface. Below are our key security features:
SSL Encryption using 2048-bit RSA and SHA-256 key lengths
SSO authentication for secure and seamless integration with provider’s Health Information system
Role-based access defining different roles for users. For example, an accounting user has access to bank information only and a Revenue Cycle Management department user has access to patient information.
Strong password policies including strength restrictions (such as minimum length) and expiration
IP-based access restriction that specifies IPs or a subnet of IPs to limit access to a provider’s facility or facilities
Anti–brute force mechanisms with detection and temporary locking of an offending IP and its users