List of Terms
Policy, you may not access or use the Network of Care services or Web site.
Our Promise - Network of Care will never release or sell any of your personally identifiable information.
Network of Care respects your privacy and promises to earn and keep your trust. All personal data and information about you and the recipient of your
care ("Personal Information") is kept confidential and will not be used in ways to which you have not consented, and we will not sell or disclose any information that identifies you to a third party. In particular, your PHR data will not release for any purpose, including marketing or research, to third parties, such as employers, insurers or our own internal developers, under any circumstances without your explicit request and consent. In the event that you close your PHR account, all your personal data will be expunged from all servers. However, all access logs will remain intact.
Collection of Information
We collect information in three distinct areas relative to our public-facing site: (1) login registration and profile creation; (2) the customized medical-records
feature, and (3) interaction with the website and tools.
PHR and Network of Care infrastructure and security
All of the major architectural technologies are virtualized. This provides a layer of abstraction between virtual systems and underlying physical infrastructure, and thus
allows for compartmentalization and modularity among components. All PHR data is encrypted and stored in designated servers. Activity logs are maintained and accessible to
our users upon request within 15 days.
- Virtual Servers. Multiple, individual server-operating systems are hosted on a single hardware platform. Multiple hardware servers can be “clustered” together for fault-tolerance and scalability. Each Virtual Server instance is easily portable between each host in a cluster. Virtual servers for different products and customers are secured by separate virtual switches and VLANs.
- Virtual Storage. Disk storage is completely separate from servers, is highly fault-tolerant, and can be carved up into flexible units that can be applied to any virtual server. The storage units can be moved around, re-sized, copied, duplicated, and restored with relative ease. We have implemented a sophisticated Storage Area Network (SAN) as a robust, central repository for all data.
- Virtual Networking. The network is modular as well. Instead of traditional routing, high-speed switches are used throughout, which is much faster and more flexible. The same network infrastructure used for general connectivity can also be used as a storage transport for the SAN. Network resources can be quickly allocated and customized, expanded and reduced. Each product and customer is walled-off from one another via dedicated virtual switches and VLANs, and VLAN Access Lists (ACLs) are used to open only those ports necessary for communications to and from other systems. Internet access is provided by InterNAP, which aggregates multiple carriers and employs routing protocols to optimize transit. These connections are dual-hand-off redundancy, with two physical firewalls in a fail-over configuration.
- Server Fail-Over. We have many server hosts in our cloud. When one host fails, virtual servers can be failed-over to healthy hosts. In most cases, this can be done without interruption of service. In extreme cases, it requires no more time than a reboot of a virtual machine.
- Storage "Snapshots". Our SAN is configured to take a point-in-time snapshot of the entire data set daily and maintain that data for a week. This allows us to restore entire virtual disks to the state they were in on a previous day.
- Backups. Even with all of this redundancy, backups are still important. We back up to another disk array, and we can offer the option of copying that data to a secure online repository at our Business Continuity Site, or even at another cloud provider.
- Demand-Based Scalability. We can add CPU and Memory as needed and do it quickly. We can make changes as soon as we receive the request and process it same-day, and often with no interruption of service.
Our Colo has the following features and amenities and is located in San Francisco. (All PHR data is stored in United State only):
- Operated by Virtustream, 650 Townsend, San Francisco.
- Strong physical security, in the form of limited door access, layers of checkpoints, “man-traps,” and 24x7 security staff.
- Biometric access verification.
- Fire suppression, gas-based, so as not to destroy equipment if it is activated.
- Redundant power sources.
- Battery systems that keep power online in the event of an outage.
- Redundant generator systems that kick on seamlessly when the power grid goes to battery operation.
- Periodic testing of all power systems.
- Convergence of significant, redundant bandwidth from major Network Service Providers.
- SSAE and SAS70 Type 2 certification.
The Colo pulls together all of the best networking products into immediate proximity, so we can add new bandwidth and features easily, including branch offices or
Disaster Recovery Replication to another physical site.
System Security and Access
- Access to individual resources and servers is carefully managed. One user account is assigned to each person requiring access.
- Accounts are subject to password complexity requirements.
- Access permissions are subject to manager approval.
- Accounts and security privileges are reviewed quarterly.
- Security logs are audited quarterly.
- All public-facing websites are secured with valid SSL certificates
- External access is via encrypted technologies such as SSH, IPSec VPN, PCoIP, or encrypted RDP.
As stated above, Personal Information will not be released to third parties. Network of Care may provide your information to third parties in aggregate with others'
information, which does not allow you to be identified or contacted ("Aggregate Information"). For example, we might inform third parties regarding the number of users of
our site and the activities they conduct while on our site. We might also inform our national partners, such as the National Association of County Behavioral Health and
Developmental Disability Directors, that "30 percent of our users live east of the Mississippi" or that "25 percent of our users have looked into elder legal services."
Network of Care does contain links to other Web sites. Please note that when you click on one of these links, you are "clicking" to another Web site. We encourage you to read the privacy statements of these linked sites as their privacy policies may differ from ours.
How Network of Care Handles Privacy Internally
We use industry-standard efforts to safeguard the confidentiality of your personal information, such as firewalls and Secure Socket Layers where appropriate. Strong physical
security, in the form of limited door access, layers of checkpoints, “man-traps,” and 24x7 security staff as well as Biometric access verification. We review our
Web security on an ongoing basis, adding more measures and safeguards whenever possible.
Your Privacy Choices
When you complete login registration and your user profile, you give us permission to send you recurring informational/promotional emails from Network of Care. You are always
given the option to opt out of receiving any or all of these emails at any time, either by responding to the email or by changing your preference selections in your account area on our Web site. If we change the way we use any of your
individually identifiable information, we will contact you via email at the address designated in your user profile.
Updating Your Personal Information and Contacting Network of Care
You can always contact us in order to delete your Personal Information from our systems by emailing us at firstname.lastname@example.org. Additionally, you can always update the
Personal Information that you have provided to us and change your privacy choices in the user profile area and in your account area on our website.