TEAM ensures security and data protection through a number of measures, including but not limited to:
- Office building with access card entrance.
- Server environment with authorized personnel access only.
- Dual power supply with uninterruptible power supply units for the server environment.
- Dual Internet Providers with failover capability.
- Business Continuity, Backup and Disaster Recovery procedures.
- Ability to establish VPN and/or RDP access from/to external clients' systems.
- Source control systems, document repositories, and all customer data have their own access permission sets, limited to relevant employees only.
- IP rights protection through employment agreements and corporate structure.
- As we are an American company, all relationships with our clients are regulated by US legislation, including intellectual property rights and data protection.
TEAM follows best practices in security and data protection:
- ISO 27001 – using its recommendations in providing information security measures.
- BS 25999 – using its recommendations in providing business continuity measures.
HIPAA: TEAM International approach
As a HIPAA-compliant company, we act in accordance with the Security Rule and Privacy Rule of HIPAA. As a Business Associate, we provide our services under the HITECH Act and the HHS Omnibus Rule. To protect health data created, received, maintained, or transmitted electronically, TEAM Int. has implemented Administrative, Technical and Physical Safeguards in accordance with the HIPAA Security Rule. All employees who interact with PHI during the development process must go through training designed to help them know and understand the policies and procedures for handling PHI. To meet HIPAA requirements for healthcare companies, we require our developers to sign off on two engagement agreements:
- EMPLOYEE AND CONTRACT STAFF IT SECURITY POLICY
- CONTRACTOR CONFIDENTIALITY AGREEMENT