Serious
Compliance & Security
Compliance & Security
Deploy Data Quickly with Peace of Mind
Deploy Data Quickly with Peace of Mind
Scalable. Reliable. Secure.
One of the most flexible and secure cloud environments available today it provides an extremely scalable, highly reliable platform that enables our partners to deploy data quickly and securely.
PLATFORM & POLICY TENETS
To help you keep your data and systems secure in the cloud, we provide a wide variety of security features and tools. Our key platform and policy tenets include:
- HIPAA compliant
- PCI compliant
- ADA accessible (WCAS 2.0 Level AA)
- Externally audited for HIPAA Compliance, PCI compliance and SOC-II
- Periodic penetration tests
- 1st class data hosting provider with PCI DSS Level 1, HIPAA, SOC 1, 2 and 3, and ISO 27001 certifications
- Full encryption at multiple layers for data at-rest and data in-transit, including databases and/or files
- High availability and 99.99% uptime
- Tiered network architecture with multiple firewalls between each tier
- Secure multi-providers architecture
- Secure data integration supporting VPN, GPG encryption for files transfer,
- SFTP, and FTPS data transfer
- Extensive logging and audits to ensure ongoing security
Authentication & Website Security
Patients who access and pay their bills through Simplee are required to log in (or authenticate) before accessing private information. These security features include:
- Forced SSL encryption using 2048-bit RSA and SHA-256 key lengths
- Daily vulnerability scanning
- Online seal displaying up-to-date security status
- Flexible patient authentication options including support for:
- Anti–brute force hacking with Captcha and 24-hour account locking after several failed attempts
- Unauthenticated payment allowing patients to pay without logging in. In this case, patients provide the minimal information required to complete a payment (such as account number, payment amount, and credit card information) and are not shown any statements or PHI
- Extensive logging and audits to ensure ongoing security
Staff Experience Security
Simplee provides numerous features to ensure the security of the Staff Experience interface. Below are our key security features:
- SSL Encryption using 2048-bit RSA and SHA-256 key lengths
- SSO authentication for secure and seamless integration with provider’s Health Information system
- Role based access defining different roles for users. For example, an accounting user has access to bank information only and an Revenue Cycle Management department user has access to patient information.
- Strong password policies including strength restrictions (such as minimum length) and expiration
- IP-based access restriction that specifies IPs or a subnet of IPs to limit access to a provider’s facility or facilities
- Anti–brute force mechanisms with detection and temporary locking of and offending IP and its users
- Automatic log-out after a defined inactivity time
- Audit logs of system usage