FAQ's for Security and the Hosted Solution

Who has physical access to the servers where my data will be stored?
This question has become more relevant as hospital IT departments attempt to meet compliance for the Sarbanes-Oxley Act. The CAOS Server farm is maintained in a secure facility two stories below ground. To access the servers the CAOS IT staff must be admitted through a series of locked doors. A log is kept of all IT personnel when they enter and exit the facility. All IT staff are recognized by both hand print and with an identification card as they enter the server facility. Once the IT staff has reached the CAOS servers they must request a key from the security staff to unlock the final door for entry into the actual server room.

Will other Hosted customers be able to see my database when they log into the CAOS hosted web site?
Each hosted customer has a unique log in user name as well as a password which allows them access to their own database.

Who owns the data?
Customer data is always owned and controlled by the customer.

How is data stored for backup and retrieval?
CAOS offers multiple levels of backup for our customers depending on the requirements of their hospital IT staff. Our minimum requirements include 24 hour backup with all tapes stored in a bomb hardened vault. Additional security levels include, 4 hour automated backup, mirrored servers and off -site storage of tapes.

How can I securely interface my CAOS hosted solution with other hospital information systems?
This is done by establishing a secure VPN tunnel. CAOS also maintains a secure FTP site for large file transfers. Data is always double encrypted in transit to the CAOS server room.

CAOS would be happy to address any specific questions that you may have regarding security using the CAOS Hosted service. Please type your question below and one of our IT staff will reply to your question.