Boosting Client Data Protection

Posted by Frank Strafford on June 6, 2018 in Data Security,
client data protection

Streamline Verify takes data security very seriously. It maintains up-to-date security systems, performs enhancements as required and implements recommendations. The company is on track to integrate further safeguards to its cryptographic protocols. This is concerning the June 30, 2018 deadline in compliance with the PCI Data Security Standard (PCI DSS). It was established to ensure that current security standards are adhered to for the protection of client data.

A Brief History of Data Security

Transfer of data necessarily requires that online communications are protected. It does this by encrypting such data through a cryptographic protocol. The parties can freely transact through a secured channel, keeping their data safe and confidential.

Netscape introduced this Transport Security Layer process through the development of its Secure Sockets Layer (SSL) in the early 1990’s. It has received multiple upgrades to its  capabilities to successfully repel online attackers from accessing sensitive information. Modifications to the following cryptographic protocols were conducted: SSL 3.0 (1996), TLS 1.0 (1990) TLS 1.1 (2006) and TLS 1.2 (2008).

How Does Removing Old SSL/TLS Help?

Currently, SSL and early TLS are open to attacks resulting in potential exposure of delicate data it seeks to protect. Its vulnerabilities were laid bare by the BEAST and POODLE exploits. The latter especially, underscores SSL 3.0’s inability to defend against it. BEAST on the other hand, is a “man in the middle attack” (MITM) which can capture encrypted data and acquire session cookies.

In light of this, the PCI DSS has prescribed a 30 June 2018 deadline to migrate from SSL/early TLS to TLS 1.1 or higher. TLS 1.2 is more favorable to further decrease any risks of data breach. Online and e-commerce websites using SSL/early TLS encryption protocols were advised to implement the necessary upgrades to preclude POODLE exposure and similar exploits.

Streamline Verify Servers Are Already Secure

The Streamline Verify servers are not vulnerable to these attacks and other known SSL/TLS. The Streamline Verify application has an A+ rating at SSL Labs though it will not stop there. Our servers have transitioned to TLS 1.2 to further boost security measures. Moving forward, Streamline Verify will consider upgrading to the recently ratified TLS 1.3 once more browsers support it.

As such, outdated browsers that do not comply with current security standards are advised to upgrade them immediately. This includes Internet Explorer versions prior to version 11 that do not support TLS 1.1 and TLS 1.2 by default. Streamline Verify will no longer support TLS 1.0 or TLS 1.1 (even though removal of TLS 1.1 is not mandated by PCI).

Clients using outdated versions may experience service interruptions. The company apologizes for any inconvenience this may cause and is on hand to assist with any concerns.

About Frank Strafford

About Frank Strafford

Related Articles

Unprecedented Surge in OIG Exclusion List: ...

November 9, 2023

The Office of Inspector General (OIG) today updated the LEIE Downloadable List – an addition of a staggering 403 new names to the Exclusion List. This marks the highest number of new entries for the...

Understanding Waivers & the Duration of OIG ...

December 28, 2020

Exclusion Background As noted in past blog posts, HHS OIG Exclusions are comprehensive and significant. Exclusion from participation in federal healthcare programs can have a profound effect on a pro...

OIG’s Top Challenge Remains Medicaid ...

December 3, 2017

OIG Transparency In November, OIG released its 2017 report updating its top management challenges and strategic priorities. The first and second priorities continue to be Medicare and Medicaid program...

Understanding OIG Exclusions

OIG Exclusions Screening Process

Exclusion FAQS

Quick OIG Exclusion Basics

Employing Excluded Individuals

Consequences to Employing an Excluded Individual

OIG Compliance Law

Laws and Publications on OIG Compliance

More Compliance Resources

Our Culture

We build the best, so you can perform at your best.

Trusted for Good Reason

  • ✓ Guaranteed accurate
  • ✓ Certified Secure
  • ✓ Audit Proof
  • ✓ Feature-rich reporting
  • ✓ Round the clock real-time-data
  • ✓ Processing fully automated

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking

HEALTHCARE ESTABLISHMENTS NATIONWIDE COUNT ON STREAMLINE VERIFY

5

60%

Average workload reduction by implementing the Streamline Verify program

5

10K

Establishments trust Streamline Verify nationwide

5

2011

Serving the healthcare industry’s unique compliance needs since 2011

5

24X

Setting standards with hourly synchronization to primary source data