Authorization and Access Control
Averity maintains several levels of authorized access to medical, financial and other personal information. Access to medical practice information is restricted to authorized personnel in that medical practice.
Each Averity account is protected by a personal username and password. Account information cannot be accessed without the proper username and password combination. Users are responsible for maintaining their passwords private.
Each user is assigned a combination of privileges, which determine the scope of user access to sensitive information. Examples of privileges include ability to view reports, order tests and create plans.
Proper identification of users prior to authorizing access is critical. Procedures for identification of users include personal contact and verification of providers' licensing documents.
User access to account information is logged and monitored via security audits. In this way a trail record of user activity is maintained, including all access to sensitive information.
All information transmitted via the Internet is encrypted using Secure Socket Layer (SSL) protocol with support for up to 128-bit keys.
Our servers are located at Conxion's enterprise-level data center. Conxion is a leading provider of managed-hosting services. At Conxion, security measures include controlled access to the building through restricted floor access, motion sensors and surveillance cameras. Redundant Internet paths owned by Conxion ensure high availability of service.
Changes to this Security Policy