Security

At Scan123, we take your security seriously

The following information outlines the system and security parameters Scan123 has deployed to ensure a secure, redundant system with high availability. This system is designed and managed to give authorized users of Scan123 24/7 access to the data and files stored within. The access methods for storage and retrieval were designed to give customers a variety of security controls and flexibility needed to safely replace past paper storage practices.

AES Encryption

Scan123 fully implements security procedures widely accepted in the banking industry and the Federal Government, so you can rest assured that your data is safe and secure. 128-bit AES encryption is certified by the NSA for information classified up to the SECRET level, while TOP SECRET information requires the use of 256-bit AES encryption.  Because we value the privacy of your data, we use the more secure 256-bit encryption throughout all phases of data storage, retrieval and backup.

SSL Encryption

HTTPS refers to the combination of a normal HTTP web connection over an encrypted Secure Sockets Layer, (SSL) to ensure protection from eavesdroppers and hacker attacks. If an eavesdropper were to gain access to encrypted data, the data would be unreadable and thus, unusable to them.

Storage and Retrieval

We are often asked if Scan123 is compliant with the above regulations and want our customers to understand that Scan123 provides fully encrypted access to your data. During transmission, storage, and encrypted offsite backups Scan123 will give your company the opportunity to operate in a  fully compliant manner when implemented properly. Remember, there is no official “certification” process for products that assist your business in compliance with the myriad of privacy and security legislation that is part of today's business.

Compliance and Regulation

Scan123 assists your company in complying with Federal and State regulations such as HIPAA, Sarbanes-Oxley, GLB etc. Sarbanes-Oxley applies to all public companies and accounting firms. HIPAA applies to health care insurance and health care providers. However, HIPAA policy also applies to the health-related employee information stored by any public company.  The applicable stored-information may vary from customer's private credit or health information to corporate financial statements. To implement compliance, there is no one technology or solution. For each regulation, you need to undertake a security and privacy review of your businesses unique environment against the specific regulations.

Internally

We follow the "Principle of least Privilege" so a limited group of trusted personnel have access only to the information and resources that are necessary to do their job. For example: to access, test, and run data backups or, with your permission, be granted access to your Company Account to provide troubleshooting or assistance.

If you feel that this site is not following its stated information policy, please let us know