

Providing data security, disaster recovery, and reliable uptime is important to ensure your operation can rely on our services. We utilize advanced tools, including 24/7 monitoring, and host our services on AWS. The data and computational facilities used by Intrigma are audited at least annually against SOC 1/SSAE18 and SOC 2/AT Section 101 and ISAE 3402 standards. Additionally, Intrigma performs an annual SOC 2 Type 2 + HITRUST audit.

HIPAA and ePHI
Under the Health Insurance Portability and Accountability Act (HIPAA), certain information about a person’s health or health care services is classified as electronic Protected Health Information (ePHI).
Intrigma’s software products can be used in connection with ePHI including electronic data exchange with health record systems. Such a data exchange can be accomplished in a secure manner using Intrigma’s application programming interface (API). To learn more about integrating external solutions, please contact our support team at info@intrigma.com. Integrations are typically subject to a Business Associate Agreement (BAA).

24/7 monitoring

Transaction log backups every 10 minutes and full data backups every 6 hours

Redundant data
and application servers

Secured on the
AWS hosted cloud

24/7 Monitoring
Intrigma systems are monitored 24/7 in one minute intervals for network connectivity, database availability, and API functionality.

Backup and Disaster Recovery
Intrigma systems are hosted on AWS. We maintain multiple database servers using the latest high-availability architecture to ensure data is available in case of an outage as well as redundant web and application servers to ensure that a functional alternative exists in case of a disaster. Full data backups are performed every 6 hours and transaction log backups are performed every 10 minutes.

Vulnerability Testing Procedures, Firewalls, Transit Security, and Encryption
Intrigma maintains security policies and procedures and runs regular automated vulnerability and penetration tests on its systems. We employ an advanced firewall to prevent unauthorized access to sensitive services and data.
Intrigma’s solution has three user interfaces:
1.
A website designed to serve employees and medical staff for day-to-day activities including submitting and viewing monthly work schedules. Browser traffic to this site is encrypted using a 2048-bit Extended Validation Secure Socket Layer (SSL) certificate.
2.
A mobile app designed to help users complete basic scheduling tasks including submitting requests, viewing the schedule, and making swaps. Traffic between the mobile app and Intrigma’s backend systems is also encrypted using a 2048-bit SSL certificate.
3.
A Remote Desktop interface, accessible to schedulers only. Remote Desktop traffic is built on top of a security mechanism called CredSSP, which uses Transport Layer Security (TLS) for authentication and encryption with a 2048-bit SSL certificate.

Service Availability and Maintenance
Intrigma’s goal is to provide service availability of 99.9% or better, excluding scheduled maintenance. We have consistently performed well above this goal. Generally, regular maintenance is scheduled for off-peak hours (typically between 12am and 5am US Eastern Time) with at least a seven day advance notice. Emergency maintenance may be scheduled on shorter notice. Schedulers, administrators, and IT staff can subscribe to our operations mailing list to be advised of upcoming maintenance windows.

Integrations and Customization
Intrigma utilizes some of the latest agile project management and software development methodologies.
Updated: January 2022