CompanyMileage.com is HIPAA-compliant software dedicated to maintaining levels of security and compliance that meet or exceed the standards set by the Health Insurance Portability and Accountability Act (HIPAA).
A three-tiered system ensures that we can maintain the highest levels of security.
Data Encryption
Ensuring the utmost security, our system incorporates a multi-layered approach to protect data at every level.
- Split knowledge, dual-control passwords
- Table-level encryption
- Password rotation management
- Log file encryption
- Privileged user (root) protection
- Compliance with PCI DSS, HIPAA, HITECH, FISMA and other regulatory guidelines for encryption of data at rest
- PCI certification
- Secure offsite key management.
Secure Facilities and Equipment
Our commitment to security extends beyond software, with secure facilities and cutting-edge equipment safeguarding our systems.
- Primary servers are hosted and managed by Rackspace’s data centers with 24/7 management and monitoring
- Synchronized servers are hosted by AWS’s data centers with 24/7 management and monitoring
- Data centers are SSAE 16/ISAE 320 certified
- Backups are daily
- Secure servers running Red Hat Linux are maintained and serviced daily, with any security patches applied
- Firewalls are in place to prevent unauthorized access to the system
- 256-bit SSL encryption.
Privacy Policies
At CompanyMileage, we prioritize the sanctity of client data, implementing policies that reflect our dedication to privacy and discretion as HIPAA-compliant software.
- Client address books can be segregated by individual user, department or division
- Client names can be suppressed on physical reports generated by users
- CompanyMileage will not share client data with any third parties without written authorization from our client
- CompanyMileage data systems are securely stored and accessible only by authorized company officials.