System Security and Information Governance

Sunday, May 20, 2012

Home

About Us
       Blueteq Difference
       Supporting Your Organisation

Products
       Individual Funding Request
       High Cost & Pbre Drugs
       Low Priority Procedures
       Shared Patient Care System
       Survey & Valuation Software

Services

Support

Contact Us
       Enquiry
       Location & Contacts

You are here

System Security

v The system is delivered via the SSL (Secure Sockets Layer) protocol using 256 bit encryption, forming a secure tunnel between the browser and the server.

v The system uses .NET Forms Authentication, a sophisticated method implemented by Microsoft within ASP.Net. This delivers the functions that you would expect including:

Ø Strong passwords - length, specification of alpha/numeric characters, duplication of characters etc.,

Ø Password expiry - passwords expire and users challenged to reset them every 90 days (or as desired)

Ø Exceeding the maximum number of failed login attempts locks the user out .

Ø Password resets can be carried out by those with "super user" status.

Ø Areas of the system can be secured according to the security roles defined in the User status. These are configurable based on customer requirements and the process that is followed.

Information Governance Arrangements

v Our responsibilities regarding third party access arrangement to patient identifiable data is defined in our Service Level Agreement (SLA).

v This section in the SLA includes a commitment to adhere to our client's security and information governance policies and therefore we would require copies of both of these documents.

v All Blueteq employment contracts include a section on their responsibilities with regard to patient identifiable data

Blueteq Server Farms

v The Blueteq Server Farms are located in two separate data centres in Fareham, Hampshire. These two locations offer state of the art security and resilience technologies, far exceeding existing NHS security and audit policies. The following describes the major features in detail:

Ø Power: Mains power is fed from a substation into an advanced online Riello UPS system in an N+1 configuration providing clean and constant power to the server racks. In the event of a mains power failure the UPS systems continue to provide full power whilst the high-capacity Volvo diesel generator starts up to provide full power to the entire building. Diesel fuel is stored on-site to keep the generators running for several days.

Ø Fire Suppression: A VESDA smoke detection system utilising laser particle analysis monitors the server room and floor void for the very early signs of pre-combustion. In the event of a fire the system automatically activates the FM200 gas suppression system which will extinguish any fire in seconds without damaging equipment.

Ø Climate Control: High capacity under-floor Denco air conditioning units maintain a constant temperature and humidity level in an N+1 configuration.

Ø Security: The server areas are protected by an advanced access control system, 30 colour CCTV cameras, electronic security shutters, air-lock entry pods to the server floor and an advanced intruder detection system. All visitors are issued with electronic passes which control and track their progress through the building.

Ø 24/7 engineering support

Download this document

Home | About Us | Products | Services | Support