Krixi CareTM delivers a highly scalable, secure, cloud-based service for remote evaluation and treatment of acute medical conditions such as stroke.
The security of your data and protection of patient information is built into the core of our service offering. Ensuring the security, confidentiality and integrity of patient data and hospital information is of the utmost importance to Krixi., as is maintaining the trust and confidence that our leadership team has built in healthcare and telemedicine since 2006.
Certifications and accreditations
Our servers, firewalls and network infrastructure are hosted in SAS 70 Type II audited data centers in the United States and are dedicated, single-tenant, high-availability servers configured specifically to run Krixi CareTM in a high-availability environment. Krixi is committed to deploying a HIPAA-compliant healthcare service, as it pertains to the protection of patient information resident on its servers.
Physical data security
Based on many years of experience in designing, hosting and managing cloud based applications that demand a high-level of security, our team has chosen one of the world's best data centers to host our servers, firewalls and network infrastructure. Physical access at these data centers is strictly controlled by professional security staff utilizing video surveillance, start of the art intrusion detection systems as well as other security control processes. Only authorized personnel, with a valid business reason to access the infrastructure are granted physical access on an as-needed basis.
Our firewalls are configured with a default deny-all policy for network access. Only authorized users have secure, remote access to our web based service over Virtual Private Network (VPN) tunnels. None of our servers, database or other systems are publicly accessible via the internet. This ensures that only authorized users log into our system using their dedicated VPN and login credentials, and with an audit trail which is monitored by our network management team.
Since our entire service is accessible only via a secure VPN tunnel, all data transmission, including audio/video, DICOM images and consult data are encrypted during transit. Moreover, patient identifying data is also stored in encrypted form at rest, in our databases. This means that patient identifying data is never stored or transmitted in human readable format at any point by our service.