Security
CompanyMileage.com is a HIPAA compliant software dedicated to maintaining levels of security and compliance that meet or exceed the standards set by the Health Insurance Portability and Accountability Act (HIPAA).
A three-tiered system ensures that we can maintain the highest levels of security.
Data Encryption
- Split knowledge, dual-control passwords
- Table-level encryption
- Password rotation management
- Log file encryption
- Privileged user (root) protection
- Compliance with PCI DSS, HIPAA, HITECH, FISMA and other regulatory guidelines for encryption of data at rest
- PCI certification
- Secure offsite key management.
Secure Facilities and Equipment
- Primary servers are hosted and managed by Rackspace’s data centers with 24/7 management and monitoring
- Synchronized servers are hosted by AWS’s data centers with 24/7 management and monitoring
- Data centers are SSAE 16/ISAE 320 certified
- Backups are daily
- Secure servers running RedHat Linux are maintained and serviced daily with any security patches
- Firewalls are in place to prevent unauthorized access to the system
- 256 bit encryption SSL.
Privacy Policies
- Client address books can be segregated by individual user, department or division
- Client names can be suppressed on physical reports generated by users
- CompanyMileage will not share client data with any third parties without written authorization from our client
- CompanyMileage data systems are securely stored and accessible only by authorized company officials.