|
MCCIT subscribes to the HIPAA Data Protection Policy Because MCCIT may provide remote backup services to businesses that could be considered "covered entities" under HIPAA (The Health Insurance Portability and Accountability Act of 1996), we have decided to lay out our data security practices to help ensure they remain compliant while using our service. Before any data is transferred to our servers by the MCCIT Backup client, it is first encrypted using 128-bit AES (with Twofish & Triple DES available in the Advanced version) with a password chosen by you and known only to you. MCCIT has no access to these passwords. Additionally, any backed-up data restored through our website is encrypted using 256-bit SSL on top of the already used encryption method to store the data. * All of our servers are located in secured & monitored datacenters with access restrictions in-place.
* For extra redundancy, the encrypted data is duplicated to at least one or more other servers located in separate geographic locations.
* For auditing purposes, the MCCIT Backup client automatically generates logs detailing the date/time and the files that have been backed up or restored. The MCCIT Backup client offers the ability to store your encrypted backups locally (on your computer(s)), and can provide instructions on how to archive these backups to a CD/DVD or other media. Additionally, for a fee, MCCIT can also ship the encrypted data to the covered you on CDs/DVDs, this data cannot be viewed without first being decrypted using the MCCIT Backup software and the covered entity's password.
|
