We comply to the POPI Act supported by SEESA.  Security and protection of information and data are very important to us and do everything possible to mitigate risks. Similar to other remote but U.S.-based business office staff, 4R employees will be connecting to virtual machines in the Plano, TX office via a SonicWALL SSL VPN appliance. In this case, the communication channel is encrypted using SSL. SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link and ensures all data remains private and integral. This is an industry standard. 

As it relates to security protocols within the GAFFEY offices, the following exists:

  • Utilize Vipre protection for antivirus.
  • Malware protection provided via Vipre for all PCs and servers.
  • Utilize a SonicWall and pfsense for Firewall protection.
  • Cell phones and tablets connect via isolation of Wi-Fi from internal network.
  • Backups of all vital systems via Azure Backup, which is stored locally as well as in the cloud. 
  • Annually conduct security training for all associates.

Lastly, and as required with every GAFFEY employee, is adherence to HIPAA and IT security policies. Given the manner in which 4R employees are connection to our systems, there is no unauthorized use of PHI outside the U.S. They are only able to view and interact with patient information as accessed through local machines. They have no ability to download, print, etc. BAAs with our customers address covers how PHI can be used, how it can be disclosed and how an unauthorized disclosure or security incident gets reported. Our BAA with 4R addresses the same obligations. GAFFEY will be monitoring closely all staff account activity but certainly expect their work product to be with the same integrity as we would expect of any other employee.