confidentiality remindertype pad computer

eCHN Technical Safeguards

eCHN applies the following technical safeguards to data in its care:

Strong multifactor authentication mechanisms are enforced for accessing sensitive systems.
Administrative access to information-processing infrastructure is granted on a need to know basis. All system and application access activities are logged.
Network traffic is monitored and managed using security devices such as routers, switches, network firewalls, intrusion-detection systems, anti-virus programs and Security Incident and Event Management tools.
End-to-end encrypted channels are used for all data communication between eCHN and its members or its eCHN Portal users.
eCHNs security policy prohibits removal of any media containing Personal Health Information from eCHNs Premises. Also, eCHNs policy limits the storage of PHI to specified/secure servers.
eCHN Personnel laptops and desktops are fully encrypted. If laptops are lost or stolen, data confidentiality and integrity is not compromised.
Vulnerability assessments of technical configurations and operational security practices are carried out periodically and when new projects are undertaken or significant changes are introduced.
A patch management process ensures that the information-processing infrastructure is updated with critical security patches and functional updates in a timely manner.
All accounts of former staff or consultants are revoked upon termination of employment or contracts.
Critical information is backed-up on a regular basis and is recoverable in the event of operational incidents.
Infrastructure availability is monitored and managed 24/7.