Security

Last Updated November 14, 2011

Who is Your Insurance Inc. ("WIYI") acts as a trusted confidential application service provider dedicated to providing secure Internet services for medical provider.

WIYI employs a high degree of security consciousness. The environment at WIYI currently encompasses the highest level of security as well as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) security tenets that of the proposed regulations. The overall priorities of WIYI as an organization are to ensure security and be fully compliant with all HIPAA regulations, proposed and finalized. Access, integrity, availability, ownership, authorization, dependability, authentication, and confidentiality are all major considerations within the WIYI Security Policy.

WIYI upholds its stringent Security Policy with the following security measures:

Role-Based Usage. WIYI grants varying degrees of access to users with different levels of authority within a provider practice.

Encryption. All communication between you and the WIYI server is secured by using SSL AES 256-bit encryption. This is the highest level of encryption currently available commercially.

Data Security. WIYI takes all measures to secure your data on our servers, in our data center. Our data center is both physically and electronically secured. Our servers are isolated from the Internet by using a firewall which is a hardware and software system that blocks access by unauthorized parties. Our data centers are certified to meet the highest standards and regulatory compliances such as HIPAA, PCI, and Sarbanes-Oxley.

Confidentiality. WIYI has internal policies that keep your data private and confidential. We will not share your data with any third party. Your data is your data only.

Login ID and Password. Access to your account is controlled by a login ID and a password, which you chose. Strict login ID and password rules virtually eliminate the unauthorized user from gaining access. We do NOT store a plain text version of your password. Your password is stored using a one-way hash key and verified using the same one-way hash every time you login, which means no one at WIYI knows what password you have chosen. If you ever forget your password, we force you to choose a new one using an email verification check.

Auto-Logoff. WIYI protects you against accidentally leaving your personal information active on a computer browser screen. The WIYI service ends your session if you are logged in to WIYI but have not actively used the service for a set period of time. This prevents others from accessing your account when you leave a session and forget to log out.

Digital Certificates. WIYI uses a digital certificate that gives you the confidence that you are connected to a site operated by WIYI, and authenticated as such.

Sensitive Information. WIYI handles all your health information with respect to its confidentiality and privacy. We ask that you follow your provider's policy on communicating sensitive information in their practice.