RevenueHealth’s networks are protected by dual-redundant firewalls and with intrusion detection. All servers are monitored 24/7 for threshold events by RevenueHealth’s central NOC monitoring software. All workstations and laptops employ centrally managed anti-virus software that is updated hourly. RevenueHealth also centrally manages routine operating system (and application) updates. Critical server updates are applied no less than monthly (as they are released). Network performance/threat reports are published internally by the IT team twice daily.
Web facing servers all have security certificates of 2048bit strength or higher and databases containing PHI are always encrypted at rest at the disk level. All RevenueHealth laptops are encrypted at the disk level to mitigate any risk of theft or loss. Mobile devices are also encrypted and can be remotely wiped at any time via our MDM software. Any site-to-site client
connectivity happens over VPN.
RevenueHealth’s hardware environment runs on state of the art SAN technology allowing up to the minute server restoration. To ensure the integrity of its data, RevenueHealth employs multiple local and remote back-up technologies. Nightly incremental and weekly/monthly full back-ups allow RevenueHealth to meet the RTOs set forth in our disaster recovery plan.