The solutions that Amicus Sten-Tel provides are in full compliance
with all applicable Federal and State regulations. Even though
the final rules for the Security and Electronic Signature
Standards under the Health Insurance Portability & Accountability
Act (HIPAA) remain pending, we are integrating the recommendations,
designing our solutions to meet the proposed requirements.
HIPAA's "Chain of Trust" requirements include
specific technical and physical security features for data
system components, identification of authorized users, control
of access, data integrity, and backup/recovery to ensure availability
and reliability. These include the following:
Authentication:
Authentication is ensured through the use of passwords and
unique identifiers to establish user identity throughout the
Amicus Sten-Tel system.
Authorization:
System-use authorization is based on client-defined, user,
and role-based access rights. Through its data, program, system,
and network integrity protocols, Sten-Tel PLATFORM ensures
that only information which it specifies and authorizes is
changed.
Audit Trail:
A complete record of the time, date, and identity of the person
accessing the information within Sten-Tel PLATFORM is maintained
and made available at all times. Individual jobs as well as
a report format are available for audit trail compliance requirements.
Logging access and changes to specific identities are addressed
within the system as control measures.
System Security:
Our system actively monitors all activities to detect and
prevent any breaches. Attempted unauthorized access at any
point of the process triggers alarms and ensures security
integrity.
Furthermore, HTTPS secure Internet transfer protocols, Secure Sockets Layer
(SSL) technology, 128-bit encryption, authenticated certificates,
and password protection ensure that all file transfers are
fully secured.
Disaster Prevention/Recovery:
Our data center complies with the highest level of industry
standards. Detailed disaster prevention/recovery procedures
manage and minimize damage or disruption and ensure stability
in case of a disaster. Our backup system is operational 24
hours a day. No data loss or interruption in service will
occur in the event of system failure.
Data Processing:
Constant network surveillance, secured physical locations,
backup generators, and encrypted transmissions between Amicus
Sten-Tel servers and users ensure secured physical storage
and transmission of all data.
Confidentiality:
We restrict access to all confidential information on our
site and within Sten-Tel PLATFORM. Only select employees may
access the system for administrative and support purposes.
These employees are very limited in number and are committed
to the Amicus Sten-Tel privacy and security policies. Amicus
Sten-Tel employees execute comprehensive nondisclosure agreements
which provide explicit legal confidentiality protections.
Client data security is of the greatest importance to us, both for HIPAA compliance
and e-commerce. All e-commerce transactions with Amicus Sten-Tel
are conducted with the same high-level security protocols
that banks and the US government utilize. In addition, Amicus
Sten-Tel guarantees that all personal data/information is never
rented, sold, or shared with any outside interest for any
reason.