Highlights of BAVEL Health SandBox technology partners

InterSystems

More than 1 billion health records worldwide are managed using the same technology, connecting thousands of disparate health information sources to achieve meaningful clinical utility.

InterSystems IRIS for Health – Proven mission – critical security and reliability for the world’s most important applications

Security Model

InterSystems products provide flexible and robust security capabilities while minimizing the burden on application performance and development. Our products are designed to support secure application deployment in three ways, by:

  1. Securing the product environment itself 
  2. Making it easy for developers to build security features into their applications
  3. Ensuring that our products work effectively with – and do not compromise – the security of the operating environment

The security of our products is based on Authentication. 
Authentication is how users (humans, devices, other applications) prove that they are who they say they are. Our products support a number of authentication mechanisms (LDAP, Kerberos, direct passwords, OpenAM, and OpenID), and include support for two-factor authentication as needed.

Authorization determines what resources a user is allowed to use, view, or alter.
Assignation and management of privileges (including role-based and application-based privileges) are easily accomplished through APIs, and interactive applications. Also we support row and column level security, as well as RBAC.

We provide mechanisms for encrypting both data-at-rest and data-in-motion.
Data-at-rest encryption encrypts the entire database, including indexes. Our products will detect if the underlying hardware supports acceleration for encryption algorithms and uses them. In addition we support data-element encryption to encrypt highly sensitive information. Those can even be re-encrypted at runtime.

In our products, all system and application events are recorded in a tamper-proof append-only log, which is compatible with any query or reporting tool that uses SQL to review and analyze audit records. In addition to the built-in auditing events, customers can store application specific events as well.

Reliability

Keeping your data intact and your important applications up and running 24×7 matters.
InterSystems IRIS provides several options for high availability (HA) and disaster recovery (DR), including clustering, virtualization HA, and an elegant, easy-to-implement technology for database mirroring.

A database mirror is a logical grouping of two InterSystems IRIS systems.
Upon startup, the mirror automatically designates one of these two physically independent systems as the primary system; the other one automatically becomes the backup system. Mirrored databases are synchronized from the primary to the backup failover member in real time through a TCP channel.

Sharded database architectures require setting up a database mirror for each shard, thereby eliminating any single point of failure. Deploying in a cloud environment will require some extra configuration steps to ensure automatic redirection of incoming traffic to the primary node.

With database mirroring, application recovery time is typically reduced to seconds. The use of mirroring also enables minimal (or even zero) downtime upgrades.

An asynchronous mirror member can be set up at a remote site, and updated in near real time.
If the primary data center fails, your data will not be lost. Disaster recovery when both members are deployed in a public cloud is dependent on the provider capabilities, but can be achieved by setting up asynchronous members in different “regions,” or even between clouds from different providers.

Clustered systems are typically dependent on shared disk access, but with only one system active at a time.  If the active system fails, InterSystems IRIS is automatically started on another server that takes over the processing responsibilities. Users must sign back on to the new server, which may cause a noticeable delay. Virtualization HA works in much the same way.

Common Security Framework (CSF) - Certification from the Health Information Trust Alliance.

InterSystems, a leading data technology provider focused on solving critical challenges in scalability, interoperability, and speed, has achieved Common Security Framework (CSF) certification from the Health Information Trust Alliance (HITRUST) for our Managed Services US (MSUS) platform.

This certification sets a high standard, building on HIPAA and the HITECH Act, which mandate strict requirements for the use, disclosure, and protection of individually identifiable health information.

We’re thrilled to meet this benchmark, reflecting our commitment to security and innovation in healthcare.

InterSystems security has a number of major features and supports popular technologies:

  • System security provides tools to protect and harden instance-level security.
  • Auditing keeps a log of predefined system and application-specific events.
  • Authentication verifies the identity of all users.
  • Authorization ensures that users can access the resources that they need, and no others.
  • Encryption protects stored data from unauthorized access.
  • TLS (the Transport Layer Security protocol) creates protected channels for communications and data transmission.

You can use InterSystems IRIS along with other security products and tools (such as firewalls and the security features of operating systems) as part of a comprehensive solution to secure your computing environment. This is why the security features in InterSystems IRIS are designed to successfully interoperate with those of other products.

InterSystems Corporate Privacy Statement

InterSystems Corporation is a global company with employees, customers, business partners, job applicants, and website visitors interacting with us online, in person, as well as through phone and email.

This Privacy Statement (this “Statement”) will explain how we use your personal information regardless of what your relationship is with us and how it is received; please note, in our efforts to keep this user-friendly, depending on the context, other privacy materials may supplement this Statement.

For example, additional details relevant to job applicants may be found on our career pages. No matter what the scenario, however, InterSystems respects and values your privacy and will not sell your personal information

Global Trust Policy

The InterSystems Global Trust policy provides protections and safeguards through our people, processes, and technologies to ensure the legitimate use, proper disclosure, and minimal contact of any Personal, Sensitive, or Confidential Information.

Under this Global Trust policy, personal information includes all data that either (i) identifies or can be used to identify, contact or locate an individual, or (ii) relates to an individual, whose identity can be either directly or indirectly inferred, including any information that is linked or linkable to that individual regardless of any attributes or status of such individual.

This policy reinforces our Global Trust processes whether InterSystems is a Covered Business, Personal Information Processor, Data Controller, Data Processor, Business Associate, or Covered Entity.