MiraiCure Pvt. Ltd provides 100% HIPAA-HITECH compliant operations and maintains competitive global standards.
Here are the various measures adopted to ensure the highest level of compliance with the stringent demands of these critical data privacy and security standards.
1. PHYSICAL ACCESS
- Photo ID cards are issued to all employees, who are required to wear them at all times inside the office premises.
- Regular analysis and periodic examination of access logs to search for unauthorised entry attempts.
- Access is restricted and controlled by a biometric and proximity card system.
- Access is granted on a least-privilege basis and configured on a per-employee basis.
- Safety staff on 24-hour duty inside and outside the facility secure all entry and exit points.
- Visitor details such as name, entry/exit time, contact person's name, verification of ID, signature, and reason for the visit are logged in a register kept for the purpose.
- The physical register is retained for a period of ten years.
- Activity recordings are kept securely on the internal hard disc of the central DVR for six months and then backed up to an external storage facility.
- Random day-to-day monitoring of recordings by intelligence personnel.
- CCTV monitoring and recording of all entry/exit points and within the production floor.
4. VENDOR ACCESS
- Vendors are required to consent to a confidentiality agreement prior to visiting sensitive areas like the data/network core and the power supply control centre.
- Vendors are accompanied and guided by security staff and supervised at all times by either an employee or security personnel.
5. MOBILE PHONE USAGE
- Mobile phone use is strictly restricted inside the premises, except for approved supervisors.
- All other employees are required to store their phones in the storage box prior to entering the office.
6. PERSONAL BAGGAGE
- No bags or packs of any kind are permitted inside the office.
- All bags are required to be kept in the storage boxes placed outside the production floor.
7. NETWORK AND APPLICATION USAGE
- User access to shared drives is regulated by group policy.
- No wireless access points are installed inside the office premises.
- A leading directory service is used to create unique user IDs for individual users.
- Password specifications are based on strict length, complexity, account lockout, duration and history requirements.
- Access to USB or other mass storage devices is blocked on workstations.
- Access to storage devices is controlled using Domain Group Policy configured in a Windows-based environment.
- Access to printers is permitted to approved employees only.
- The firewall is set, by default, to deny all traffic passing between networks except where explicit ports and service-related requirements are specified.
- High-end Unified Threat Management (UTM) system for filtering network traffic.
- Web traffic is controlled using content filter, URL filter, and application filter systems.
- Port mapping for traffic between virtual LANs and from external networks.
- Network Address Translation (NAT) services are enabled to hide internal servers.
- Firewall logs are maintained for all traffic for a very long time and subsequently archived for 1 year.
- Intrusion Prevention Systems (IPS) are provided by the UTM system (using a high-end firewall system).
- IPS services are updated progressively and licenses are renewed every year.
9. VPN (VIRTUAL PRIVATE NETWORK)
- Site-to-site IPSec VPN tunnels are used to safely link to a client network. The utilization of VPN associations can be a successful method of getting back among numerous different methods.
- Access to the internal network is restricted to approved employees only, by means of client-to-site VPN connections.
- VPN (site-to-site) links are locked to the IP gateway addresses configured on both the facility's and the clients' firewalls.
10. REDUNDANCY MANAGEMENT
- Both server and network systems are backed up by powerful UPS rack-mounted systems.
- Power backup is delivered by a powerful UPS and diesel generator units.
- A fully redundant network stack is maintained.
- Two ISP connections are installed in an active mode.
11. VIRUS & MALWARE PROTECTION
- A unified anti-malware infrastructure is being implemented to provide security against viruses and other malware.
- Additional protection from external malware attacks is provided by the gateway firewalls.
- Automatic update of virus definitions and security patches.
- Centralized operating system patch management system implemented using an automated server update system to maintain critical upgrades and security patches.
12. OTHER SAFETY MEASURES
- Fire extinguishers are placed at all critical zones inside the premises.
- Half-yearly fire drills are held to assess the efficacy of fire prevention procedures.