—PRIVACY STATEMENT AND AGREEMENT—–
By clicking one of our affiliated websites forms or newsletter sign up check-boxes you are agreeing to the following.
I also understand that my information will only be used for these purposes and will never be sold, shared, redistributed or disclosed with third-parties for any reason as this would be a breach of HIPAA’s policies and compliance if the information being submitted contains any medical information of the individual.
Although very rarely do we need do this, we generally never ask for personal or sensitive medical information online.
Below is a non-traditional simplified version with a few explanations of our official security statement as viewed on all of our affiliated medical websites.
We take your privacy and security very seriously, all information and data submitted to and from our websites, servers and landing pages are encrypted upon transmission via SSL or TLS and stored on our database in a secure undisclosed encryption type in compliance with HIIPA standards for data and information assumed or classified as *”ePHI”. *”Electronic Protected Health Information” – and *”PII” Personally Identified Information.
- All information that falls under “ePHI” regardless of “PII” or not, is only viewed by a certified RN or Doctor and is never seen by non-certified non-authorized medical trained staff.
- All information that falls under “PII” regardless of “ePHI” and other data or not, is encrypted during transmission and can only be viewed by an authorized administrator with undisclosed encryption type security key and 16 character password. This data is stored on a special server that only allows inbound data, it blocks and prevents all outbound traffic with the exception of ports 443 (SSH) and 1443 (SQL Database) for remote administrative purposes.
Dr. Yoo D.C. being only 1 of the 2 people with this “key”. (This key is kept on an external offline device for both administrators).
What is all this talk about ePHI and PII and why should i care about that ? -> click here (pdf)
What does this talk about encryption mean? – Even if someone was to gain access to the server/database and was able to view the data, without the key and password the information would be human unreadable made up of completely random characters of numbers and letters.
We use a undisclosed unnecessarily high level type of encryption to protect your information once it is in the database and to protect from future would be “hackers”.
So how “secure” is this ?
Theoretically if someone was to attempt to de-encrypt this information they would need 10 Watson type super computers or 50 high end cryptocurrency rigs to achieve this within a time-frame of roughly about 800 years…. if they are lucky.
Realistically is virtually impossible.