Leadon Systems has adopted security standards in all the process, because we believe our client data is very important to protect them. So, we have implemented ISMS methods for data security. The security has been given for two levels, human and systems.
Two Tiered Site Security
All of Leadon Systems facilities have a 2-tier physical security system:
 Guarded Entry of Individual
Security guards are on 24-hr. duty at all Leadon locations. Guards check employees’ persons and bags to ensure that no data is improperly removed from the facilities.
 Access Control Cards
All employees are provided with Access Control Cards that permit entry into the building and log employee movement in and out of the building. Employee’s photographs are displayed prominently on their Access badges.
 |
Machine Level Security
Machine Level Security is assured by password protection and control systems |
Password Reset
Each user’s password must be changed every 30 days.
Inactive Machine Auto-Lock
Machines left inactive for 10 minutes auto-lock and the user must re-login.
Failed Login
If a login fails thrice, a user must contact the Systems Administrator who restores rights only upon confirmation of user identification.
Network and System Security
Internal-System Security is safeguarded via:
Dedicated Proxy Server
Individual accesses are controlled through a dedicated Proxy Server.
Firewalls
Firewalls protect the Leadon network against threats from any external sources.
Monitoring and Management
Users within Leadon are able to access only sites to which they have specifically been granted access. Moreover, a log of all internet browsing and FTP use is maintained and monitored.
Disaster Recovery
Leadon backs-up all data on the system daily, weekly, and monthly to ensure immediate recovery in the event of a disaster. To add extra protection, copies of this information are kept at an office in another location within the city.
Leadon has multiple offices in Chennai, India and constantly maintains additional space so that expansion for special projects is at all times possible. These ramp-up ready spaces and satellite offices provide the added bonus of acting as back-ups for disaster management, and copies of crucial data is maintained oversees via multiple high-speed telecommunication. All facilities are fully networked with provisions for necessary communication links and can be made functional within a short time frame in times of emergency.
System Security Regarding Data Transmission
Leadon can support any encryption scheme that the client may require to ensure data security, but prefers to transmit data and codes across dedicated point-to-point data links connecting its offices with the client. Confidential data is never transmitted over the Internet, thus reducing the need to encrypt data during transmission, and Leadon security has never been reached.
HIPAA Preparedness Statement
Leadon Systems recognizes the significant changes that the HIPAA regulations present to the healthcare industry. Leadon Systems is committed to helping our clients achieve HIPAA compliance within the timelines established by the regulations.
Leadon Systems is undertaking the effort and expending substantial sums in order to be responsive and knowledgeable regarding HIPAA regulations and the impact on our customers. Leadon Systems understands that some of the HIPAA regulations have not yet been finalized, and are subject to change. Going forward, Leadon Systems guiding principle is to make every reasonable effort to be knowledgeable and responsive regarding HIPAA regulations, and to act as a business associate in all client activities geared toward achieving HIPAA compliance within the mandated timeframes.
Safeguarding the confidentiality of patient information is at the heart of HIPAA legislation. Every healthcare system must have effective systems in place to uphold these important – and often complex – regulations.
|
