With Azure, PIMSY keeps your data safe, secure, and HIPAA-compliant

PIMSY mental health EHR is pleased to announce that we are hosting all of the data on Microsoft Azure. Microsoft is the only vendor positioned as a Leader across Gartner’s Magic Quadrants for Cloud Infrastructure as a Service, Application Platform as a Service, and Cloud Storage Services for the second consecutive year.

Microsoft is also the first cloud provider recognized by the European Union’s data protection authorities for its commitment to rigorous EU privacy laws. Additionally, Microsoft was the first major provider to adopt the new international cloud privacy standard, ISO 27018. This means that, with PIMSY, your client and agency data is backed up multiple times daily to one of the world’s most secure cloud providers. We’re proud to join the “more than 57 percent of Fortune 500 companies” that rely on Microsoft Azure.

Azure Keeps Your Data Safe

Microsoft has leveraged its decades-long experience building enterprise software and running some of the world’s largest online services to create a robust set of security technologies & protocols. They help ensure that Azure infrastructure is resilient to attack, safeguard user access to the Azure environment, and protect your data through several methods. These include encrypting communications, threat management & mitigation practices, and regular penetration testing.

PIMSY hosted on Azure protects your data by:

• Adhering to HIPAA and HITECH protocols:  Microsoft cloud services covered under the BAA are included through the audits conducted by accredited independent auditors for Microsoft’s ISO 27001 certification. They are also covered by the FedRAMP assessments that led to the Provisional Authority to Operate from the FedRAMP Joint Authorization Board (for Microsoft Azure); for an Agency Authority to Operate from the US Department of Health and Human Services (for Microsoft Office 365 U.S. Government); and from the US Department of Housing and Urban Development (for Microsoft Dynamics CRM Online Government). Get the details here.

• Encrypting communications and operation processes: For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft data centers and within data centers themselves – using 128-bit or 256-bit encryption. Azure offers a wide range of encryption capabilities for data at rest, up to AES-256.

• Securing networks:  Azure blocks unauthorized traffic to and within Microsoft data centers using a variety of technologies. To further secure your HIPAA-covered practice records, all PIMSY data resides within Azure infrastructure. Due to its unique, secure architecture, PIMSY is immune to Browser-based attacks – and the whims of Browser updates, plug-ins, add-ons, and extensions.

• Managing threats: To protect against online threats, Azure offers Microsoft Antimalware for cloud services. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics learning tools to help mitigate threats to the Azure platform.

Compliance Details & 42 CFR Part 2

PIMSY is compliant with 42 CFR Part 2, in addition to HIPAA: click here for details. For more information about how PIMSY hosted on Azure can help protect your agency’s data, contact us: 877.334.8512, ext 1 – hello@pimsyehr.com

(sources include: Microsoft Azure)