Passwords
When you create your emergency record, you will be asked to create a username and a password. If you have created your emergency record yourself, only you will have access to and the ability to change this password. If you have authorized a medical provider to create a record in your name, the medical provider will select a password and a username for you. In this case, the medical provider will transfer your credentials to you so that you still have the ability to login and change your password as desired. Only you and the medical provider who you will have previously authorized, will have access to your password and username.
Data Access
Only you and those parties acknowledged in the consent statement when you create your record will have access to your Emergency Record.
Firewalls
International SOS maintains its firewall on site in order to prevent unauthorized access to our private network. Data entering or leaving our private network passes through the firewall, which blocks the data that does not meet specific security criteria.
Encryption
In order to ensure that no unauthorized individuals can attempt to capture private data being sent to and from our server over the Internet, International SOS encrypts confidential information. Utilizing a SSL and VeriSign digital certificate technology, confidential data is encrypted at a 40- to 128-bit encryption level. The level of encryption is contingent upon one's browser configuration.
Secure Sockets Layer (SSL)
SSL is a security protocol that utilizes a private key to encrypt data during the transfer of confidential information. This type of secure connection can be identified on our site (and all sites that employ this method of protection) by looking at the URL and the bottom right hand corner on pages that use SSL. In the URL, 'https:' instead of 'http:' is part of the Web address. On the bottom right corner of your browser window, you will also see an icon of a padlock, reinforcing that this page is protected.
Data Utilization Protocol
Personal information can be accessed by those parties acknowledged in the consent statement when you create your record, only as a means of assisting you. Information will never be sold or given to third parties.
Utilization of Certification Authority
A Certification Authority is a trusted third-party organization that guarantees the authentication of an additional entity. VeriSign, the leading certification authority, has issued the certificate for International SOS. The certificate can be viewed on any page running on a secure connection, which is designated by the 'https//' in the URL, as well as an icon of a padlock in the bottom right corner of a secure page. Viewing the certificate depends on the configuration of the user's browser. For Internet Explorer users, the certificate can be accessed by right clicking on a secure page and then choosing the Properties option. For Netscape Navigator users, the certificate can be viewed by selecting the security icon on the top of the page on the toolbar and selecting 'Certificates' on the menu option.
Training
Training of all employees about the privacy and security of one's personal information is a critical component of our security procedures. As new technologies continue to develop and be employed, we will maintain our commitment to education on privacy and security issues, evaluating their affects, implementing procedures and training our entire staff.
Contingency Plan
In order to respond to system emergencies, a contingency plan has been developed. In accordance with our plan, all data is backed up regularly, and copies are stored in a secure, off-site location.