top of page

Security

At IMPOWR, security and privacy are intrinsic with our 'Secure-By-Design' approach. Our robust tools provide comprehensive coverage. For added assistance, we've introduced a dedicated 'Security Advisor.' IMPOWR is hosted on Microsoft Azure, known for its industry-leading compliance solutions, with numerous certifications highlighting our dedication to data integrity and regulatory compliance.

 

This is just a glimpse of what we offer. Get in touch to explore the full spectrum of IMPOWR's capabilities.

Technology-based compliance tools that are secure by design

  • Robust encryption of all data, both in storage and during transmission, on a dedicated Azure SQL database hosted on certified Microsoft Azure servers.

  • Stringent measures in place, including role-based security, strong password enforcement, and optional two-factor authentication. Additional safeguards like unique password checks and anti-robot protections enhance security.

  • Continuous access monitoring, administrative alert tools, and lockout protocols for added protection.

  • Extensive audit trail tracks login activity and security attempts.

  • System-generated emails contain no sensitive information.

HIPAA, HITECH & CMIA

  • IMPOWR never retains credit card details, including numbers, expiration dates, or CVV information.

  • All credit card transactions are encrypted and processed through a customer-specified, independently contracted 3rd-party card processor.

PCI-DSS

  • Manage accounts with options from deactivation to complete record deletion. Track client and staff requests for data deletion and storage information.

  • IMPOWR’s consent model allows clients to manage their data sharing rights, with flexibility over time and exceptions.

  • All data in IMPOWR is accessible and can be reported, but PHI is never shared, reported, or sold for any purpose.

GDPR

  • Manage accounts, from deactivation to full record deletion. Track client and staff data deletion requests and storage information.

  • Clients can control data sharing rights, with flexibility and exceptions over time.

  • All data is accessible and visible to IMPOWR users, available for sharing in reports (PHI is never shared, reported, or sold by Continual Care Solutions).

CCPA

  • Hosted on Microsoft Azure, inheriting Azure's SOC compliant data center physical and network security measures.

  • When data is provided to CCS for import into IMPOWR, it is temporarily stored on a locally protected PC. Once uploaded to the encrypted Azure database, it is promptly deleted from the local PC.

NEW YORK SHIELD ACT

bottom of page