You can count on us to keep your data secure
We take the protection of your employees’ personal information very seriously. That’s why we’ve implemented state-of-the-art electronic security systems and certifications that exceed industry standards.
Ameriflex maintains a comprehensive HIPAA Privacy/Security Policy and an FTC Red Flags policy. Ameriflex uses an internal HIPAA committee led by a corporate HIPAA Privacy/Security officer. Additionally, every department that comes in contact with protected health information (PHI) maintains department-level procedures that are updated on a regular basis. All employees are trained and evaluated in part based upon compliance with HIPAA and Ameriflex security policies. All infrastructure, facilities and computer systems are governed by our HIPAA security procedures.
We take this commitment to HIPAA compliance a step further by contracting with an outside firm to perform a HIPAA audit every two years. The auditors provide an accurate and thorough assessment of any potential risks and vulnerabilities by examining our business processes, systems infrastructure, and access control. The auditors also perform vulnerability scans on external-facing and select internal infrastructure devices and servers in order to determine high-risk vulnerabilities, as well as operational details such as patch levels, configuration errors, and filtering rules. While the law does not require this audit, we have made it standard protocol so as to ensure that we are truly maintaining the highest data integrity levels possible.
Hosting Site Security
We maintain multiple hosting sites, both on-location with redundant backups between our Texas and New Jersey operations centers (with automatic failover), and off-location at geographically diverse data centers that exceed Department of Defense (DoD) standards for a Sensitive Compartmented Information Facility (SCIF). The security and reliability features of our data centers and network provider are too numerous to list; however, we boast 99.99%+ uptime. Ameriflex and all its subcontractors are SAS 70 or SSAE 16 (SOC1) Type II reviewed. All data transmitted to our self-service systems is done using PGP with customizable password and CAPTCHA requirements on a client-by-client basis.
Ameriflex employees undergo PHI and HIPAA training during their onboarding process. They are also instructed on a comprehensive visitor security policy at each facility location, as well as clean desk and computer workstation security policies.
Ameriflex has redundant operating centers in Texas and New Jersey, along with automatic database replication and system failover in the event that one site temporarily goes down. Critical systems and databases are not only replicated multiple times per day between the two operating centers, but they are also backed up and hosted in off-site datacenters. We run continuous database backups and store encrypted copies off-site per our SSAE 16 control list. We have a disaster recovery plan that takes advantage of our infrastructure and allows us to service clients from either of our operating centers; in addition, with the redundancies built into our systems and datacenters, clients can continue to self-service in the event of an outage at an office location.
Your privacy is very important to us. Accordingly, we have developed this Policy in order for you to understand how we collect, use, communicate and disclose and make use of personal information.
We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.
By accessing this website, you are agreeing to be bound by these website Terms and Conditions of Use, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.
2. User License
Permission is granted to temporarily download one copy of the materials (information or software) on Ameriflex’s website for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
The materials on Ameriflex’s website are provided “as is”. Ameriflex makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties, including without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights. Further, Ameriflex does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet website or otherwise relating to such materials or on any sites linked to this site.
In no event shall Ameriflex or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption) arising out of the use or inability to use the materials on Ameriflex’s Internet site, even if Ameriflex or a Ameriflex authorized representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.
5. Revisions and Errata
The materials appearing on Ameriflex’s website could include technical, typographical, or photographic errors. Ameriflex does not warrant that any of the materials on its website are accurate, complete, or current. Ameriflex may make changes to the materials contained on its website at any time without notice. Ameriflex does not, however, make any commitment to update the materials.
Ameriflex has not reviewed all of the sites linked to its Internet website and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by Ameriflex of the site. Use of any such linked website is at the user’s own risk.
8. Governing Law
Any claim relating to Ameriflex’s website shall be governed by the laws of the State of Texas without regard to its conflict of law provisions.