Managing Your Data and System ... Securely

 

Data Security and Disaster Recovery

Brightree knows that security and disaster recovery are critical to the success of your HME business. We also know that different employees have different information access needs within your organization. That is why Brightree gives you both the flexibility and

Photos of Brightree Data Center

power with the User Group Function to assign appropriate permission levels for each individual employee. Brightree’s flexible administrative tool also allows you to assign certain permissions at the User Group level. Access throughout the system is user date stamped to assist you in becoming HIPAA compliant.

Data is the foundation of your business. From inventory management to patient records and insurance claims, your information is one of your most important assets. Brightree takes the security of your data very seriously -- because your data is our business. Brightree's disaster recovery and data redundancy plan is multi-tiered to ensure your data is safe and available to you 24/7. The Brightree system design gives you data security in many ways, including:

  • Your data is safe - managed in a $150M data center, there is nightly backup of data and redundant storage onsite and offsite.
  • The host data center is a tier 1 Internet provider with "stand alone" system support for power and water.
  • All data moving across the Internet is encrypted via 128 bit secure socket layer encryption - this meets HIPAA requirements.
  • Each customer has an individual partitioned database, which is not shared with anyone else.
  • The Brightree system uses 128 bit encryption Secured Socket Layer (SSL) for secure access from your system to ours. (Most web sites use SSL (https) for credit card transactions only -- Brightree uses SSL for every bit of data transferred, including all reports, to insure privacy).
  • Brightree has protective firewall systems which prevents customer data from being hacked into by outsiders (Access to the data from outside the data center requires multiple levels of encryption to provide a secure environment).
  • The data center itself enforces 7 layers of security to gain physical access to the server cabinets where your data is housed, including:

    1. Crash barriers at front of building
    2. Single point of entry/exit to building
      1st Door - Badge required to open door after hours
    3. Security Desk - ID badge required for check-in
    4. 2nd Door - ID badge + fingerprint scan required
    5. 3rd Door - ID badge + fingerprint scan required
    6. 4th Door - Iris Scan
    7. Server Cabinet - Combination Lock


Connectivity

The Brightree data center has two DWDM fiber systems running over redundant and diverse fiber connections. Each of the two fiber runs are ring-protected SONET. Brightree is running two OC-48s from our 55 Park Place Super POP to the Data Center, which will be upgraded to OC-192. The fiber electronics currently deployed support 128 OC-192 circuits each for a total of 256 OC-192s or 2.56 terabits a second. The fiber is terminated in the Brightree data center in a pair of Cisco backbone routers. A second pair of Cisco routers connects directly to the backbone routers, giving Brightree complete redundancy. Gigabit Ethernet is used in a trunked configuration to connect from the Cisco routers to the first layer of Ethernet switches in the data center. This aggregation layer of switches is then trunked to the switches that provide connectivity to the customer equipment in the cabinets. The cabinets are fed with dual, redundant Ethernet connections in 10Mb, 100Mb or 1Gb (1000Mb) feeds.


Disaster Recovery & Environmental Controls

  • POWER: The host facility is supplied with power from two separate grids. The Constant Power System (CPS) or Diesel UPS, feeds a power bus for the building. This configuration requires no batteries and does not require a cutover of the customer power to provide continuous power.
  • FUEL: The host facility stores 78,000 gallons of diesel fuel for multiple farm generators. They have contracts in place for immediate fuel replenishment in the event of an emergency; however, they would have to run at full capacity for 48-hours to even approach this point.
  • COOLING: The host facility uses a water chiller system comprised of dual chilled pipes under the data center floor to handle cooling requirements beyond peak capacity of the Data Center. They have 500,000 gallons of water on-site and contracts in place for access to water reserves.
  • FIRE: The host facility has a series of interdependent fire detection and prevention systems which are engineered/programmed to respond at different times during an emergency depending on the severity and locale of the situation.