Providing data security, disaster recovery, and reliable uptime is important to ensuring your operation can rely on our services. We utilize advanced tools, including 24/7 monitoring, and host our services on the Microsoft Azure Cloud platform. Microsoft cloud services are audited at least annually against SOC 1/SSAE18 and SOC 2/AT Section 101 and ISAE 3402 standards.
24/7 monitoring
Transaction log backups every 5 minutes, incremental data backups hourly, and full data backups daily
Redundant data
and application servers
Secured on the
Microsoft Azure Cloud platform
24/7 Monitoring
Intrigma systems are monitored 24/7 in one minute intervals for network connectivity, database availability, and API functionality. In case of a failure, alerts are immediately sent to Intrigma’s IT staff.
Backup and Disaster Recovery
Intrigma systems are hosted by Microsoft Azure. We maintain mirrored database servers to ensure data is available in case of an outage and utilize redundant web and application servers to ensure that a functional alternative exists in case of a disaster. Full data backups are performed daily, incremental data backups are performed hourly, and transaction log backups are performed every 5 minutes.
HIPAA and Use of PHI with Intrigma Products
Under the Health Insurance Portability and Accountability Act (HIPAA), certain information about a person’s health or health care services is classified as Protected Health Information (PHI).
While storing PHI in Intrigma’s solution is not required for normal uses of Intrigma’s software products, our Enterprise Edition solutions can be used in connection with PHI including electronic data exchange with health record systems. Such a data exchange can be accomplished in a secure manner using Intrigma’s application programming interface (API). To learn more about integrating external solutions, please contact our support team at support@intrigma.com.
Intrigma customers who are subject to HIPAA and would like to use Intrigma’s application with PHI must sign a Business Associate Agreement (BAA) with Intrigma. Administrators can request a BAA before using Intrigma services with PHI. Intrigma offers a BAA covering Intrigma Enterprise Edition services.
Intrigma customers are responsible for determining whether their Intrigma implementation is subject to HIPAA requirements and whether they use or intend to use Intrigma services in connection with PHI. Customers who have not entered into a BAA with Intrigma must not use Intrigma services in connection with PHI.
Intrigma Enterprise Edition clients can request HIPAA Implementation guidance to understand how to organize data on Intrigma services when handling PHI. This guidance is intended for individuals in security and information systems roles who are responsible for HIPAA compliance.
Vulnerability Testing Procedures, Firewalls, Transit Security, and Encryption
Intrigma has established policies and procedures and runs regular automated vulnerability tests on its systems. We employ a firewall to prevent unauthorized access to sensitive services and data.
Intrigma’s solution has three user interfaces:
1.
A website designed to serve employees and medical staff for day-to-day activities including submitting and viewing monthly work schedules. Browser traffic to this site is encrypted using a 2048-bit Extended Validation Secure Socket Layer (SSL) certificate.
2.
A mobile app designed to help users complete basic scheduling tasks including submitting requests, viewing the schedule, and making swaps. Traffic between the mobile app and Intrigma’s backend systems is also encrypted using a 2048-bit SSL certificate.
3.
A Remote Desktop interface, accessible to schedulers only. Remote Desktop traffic is built on top of a security mechanism called CredSSP, which uses Transport Layer Security (TLS) for authentication and encryption with a 2048-bit SSL certificate.
Service Availability and Maintenance
Intrigma’s goal is to provide service availability of 99.9% or better, excluding scheduled maintenance. We have consistently performed well above this goal. Generally, regular maintenance is scheduled for off-peak hours (typically between 12am and 8am US Eastern Time) with at least a seven day advance notice. Emergency maintenance may be scheduled on shorter notice. Schedulers, administrators, and IT staff can subscribe to our operations mailing list to be advised of upcoming maintenance windows.
Integrations and Customization
Intrigma utilizes some of the latest agile project management and software development tools and techniques including continuous integration (CI) and test-driven development (TDD) to ensure that needed features are built and delivered accurately and quickly. New features are developed and released in an iterative fashion, ensuring that our clients can take advantage of new features that have been released while others are still being developed and that the features delivered are exactly those that were needed. We review all new features and assess them for potential security risks before releasing them.
Last modified: September 19, 2017
Intrigma is a leader in physician scheduling software. We’re focused on reducing costs, saving time, and improving staff morale for physicians, medical groups, hospitals, and nurses.
Privacy Terms of Use Security
