1. The databases are designed to keep genetic data and phenotypic data separate from personal account information.
2. Storage of certain personal information such as account information is encrypted.
3. The network perimeters are protected with firewalls.
4. All connections to and from our web portal are encrypted with a VeriSign SSL Certificate with Extended Validation (EV) and server-gated cryptography (SGC). This is the most trusted and secure option for SSL.
5. Internal and external audits of perimeter and software code security are performed.
Employees' use of the databases is monitored and records of all access to personal information are maintained.
1. Access to the building housing the Coriell data center requires an electronic keycard badge ID for entry into the facility.
2. Physical access to internal servers is restricted to authorized personnel.
2. Annual privacy and security training is required for employees with access to personal information.We meet HIPAA IT requirements