Security Policy

Business continuity and disaster recovery

Harmony Healthcare IT provides a safe, secure IT environment that serves its customers’
requirements, ensures stability and continuity of the business, and continually provides goods and services that promote confidence in the company. The business continuity and disaster recovery plan also provides a blueprint that enables quick recovery from disruption.

Physical security of facilities

Physical security controls and secure areas are used to minimize unauthorized access
as well as damage to, and interference with information and information systems.
Physical access to Harmony Healthcare IT servers and network devices is restricted to
authorized individuals.

All infrastructure housing sensitive personal health information (PHI) is held within
a Tier 3 data center with co-locations designed to meet security and access
standards. Additionally, the Harmony Healthcare IT physical office is secured with
industry-standard access measures.

Identification and authentication

Industry-standard authentication measures are required to access the Harmony
Healthcare IT infrastructure, including but not limited to multi-factor authentication.

Network security

Harmony Healthcare IT provides defensive measures through a layered security
architecture by utilizing firewall and network filtering technology and advanced monitoring.

Policy

Harmony Healthcare IT is open and transparent with its program and policies to
help you understand how products and services are managed.