PIMSY Now Hosted on Azure
by Leigh-Ann Renz, 10.29.15
Behavioral Health EHR Even More Secure!
PIMSY behavioral health EHR + Practice Management Software is pleased to announce that we are now hosting all of our data on Microsoft Azure. Microsoft is the only vendor positioned as a Leader across Gartner’s Magic Quadrants for Cloud Infrastructure as a Service, Application Platform as a Service, and Cloud Storage Services for the second consecutive year.
Microsoft is also the first cloud provider recognized by the European Union’s data protection authorities for our commitment to rigorous EU privacy laws. Microsoft was also the first major cloud provider to adopt the new international cloud privacy standard, ISO 27018.
This means that, with PIMSY, your client and practice data is being backed up, multiple times daily, to one of the world’s most secure Cloud providers, at three of their different geo-locations. We’re proud to join the “more than 57 percent of Fortune 500 companies” that rely on Azure.
Azure Keeps Your Data Safe
Microsoft has leveraged its decades-long experience building enterprise software and running some of the world’s largest online services to create a robust set of security technologies and practices. These help ensure that Azure infrastructure is resilient to attack, safeguards user access to the Azure environment, and helps keep your data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing.
Azure protects PIMSY & patient data by:
- Adhering to HIPAA and HITECH protocols: Microsoft cloud services covered under the BAA are included through the audits conducted by accredited independent auditors for Microsoft’s ISO 27001 certification. They are also covered by the FedRAMP assessments that led to the Provisional Authority to Operate from the FedRAMP Joint Authorization Board (for Microsoft Azure); for an Agency Authority to Operate from the US Department of Health and Human Services (for Microsoft Office 365 U.S. Government); and from the US Department of Housing and Urban Development (for Microsoft Dynamics CRM Online Government). Read more here.
- Encrypting communications and operation processes: For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft datacenters, and within datacenters themselves – using 128-bit or 256-bit encryption. For data at rest, Azure offers a wide range of encryption capabilities up to AES-256.
- Securing networks: Azure blocks unauthorized traffic to and within Microsoft datacenters, using a variety of technologies. To further secure your HIPAA-covered practice records, all PIMSY data now resides within the Azure Cloud infrastructure. As always, PIMSY is immune to Browser-based attacks (remember Heartbleed?) - or the whims of Browser updates, plug-ins, add-ons and extensions. Click here for more information.
- Managing threats: To protect against online threats, Azure offers Microsoft Antimalware for cloud services. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics learning tools to help mitigate threats to the Azure platform.
Mental Health Data Protection
(sources include: Microsoft Azure)