HAMRsite.org Security Datasheet
Protecting the privacy of clinical information is a responsibility we take very seriously. We understand that medical data is personal and maintaining confidentiality is paramount. We are committed to our established practices and procedures to protect the confidential nature of your data.
The information you store in the HAMRsite.org database encompasses several layers of secure protocols. Our proven development methodology ensures that your data will be protected from hackers and unauthorized audiences. With both physical and binary security measures in place you can rest assured that your confidential data is being stored in secure manner.
Application and Network Security
The HAMRsite.org web application is regularly tested for hacker vulnerability. Our standards based security practices have been established to protect our server from common "hacks" and web-exploits such as SQL injection, cross-site scripting, and unrestricted directory listings. Passwords are stored using a one-way hash algorithm to prevent unauthorized retrieval. Role-based security tokens are encrypted with each user session to secure every level of access to our database.
- A dedicated hardware firewall actively scans each data packet with a comprehensive set of Unified Threat Management (UTM) security features to protect against network and application level attacks.
- Stateful Packet Inspection to perform access control and stop network level attacks
- IPS (Deep Inspection firewall) to stop application level attacks
- Denial of service (DoS) mitigation capabilities
- Best-in-class antivirus based on the Kaspersky Lab scanning engine that includes Anti-Phishing, Anti-Spyware, Anti-Adware protection to stop viruses, Trojans and other malware before they compromise the server
- Daily offsite backup routines are in place to prevent data loss in the event of a hardware failure or a catastrophic event. The daily snapshots are stored for a period of 30 days before they expire. With your data securely housed in an off-site backup facility, you can feel secure about storing your mission critical information on our server.
We believe physical security is just as important as application level security. That's why we chose to house our main server in a Peer1 data center. The area is fully secured and operated by authorized engineers. The following list of physical security practices is in place to protect your data from unauthorized access.
- State-of-the art data center security includes monitored closed circuit TV, 24x7 on-site personnel, military grade pass card access, and biometric hand-scan units
- Dedicated hosting centers in Atlanta GA, Miami FL, and Fremont CA
- Regulated climate control with full particle filtering and humidity control
- Backup power systems including on-site diesel powered generators and centralized UPS
HAMRsite.org is committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience. This Statement of Privacy applies to the HAMRsite.org Web site and governs data collection and usage. By using the HAMRsite.org website, you consent to the data practices described in this statement.
Collection of your Personal Information
HAMRsite.org collects personally identifiable information, such as your e-mail address, name, home or work address or telephone number. HAMRsite.org also collects anonymous demographic information, which is not unique to you, such as your ZIP code, age, gender, preferences, interests and favorites.
There is also information about your computer hardware and software that is automatically collected by HAMRsite.org. This information can include: your IP address, browser type, domain names, access times and referring Web site addresses. This information is used by HAMRsite.org for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the HAMRsite.org Web site.
Please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through HAMRsite.org public message boards, this information may be collected and used by others. Note: HAMRsite.org does not read any of your private online communications.
HAMRsite.org encourages you to review the privacy statements of Web sites you choose to link to from HAMRsite.org so that you can understand how those Web sites collect, use and share your information. HAMRsite.org is not responsible for the privacy statements or other content on Web sites outside of the HAMRsite.org and HAMRsite.org family of Web sites.
The HAMRsite.org Web site use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize HAMRsite.org pages, or register with HAMRsite.org site or services, a cookie helps HAMRsite.org to recall your specific information on subsequent visits. You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
Security of your Personal Information
HAMRsite.org secures your personal information from unauthorized access, use or disclosure. HAMRsite.org secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure.
Changes to this Statement
HAMRsite.org will occasionally update this Statement of Privacy to reflect company and customer feedback. HAMRsite.org encourages you to periodically review this Statement to be informed of how HAMRsite.org is protecting your information.
HAMRsite.org welcomes your comments regarding this Statement of Privacy. If you believe that HAMRsite.org has not adhered to this Statement, please contact us at firstname.lastname@example.org. We will use commercially reasonable efforts to promptly determine and remedy the problem.