Boosting Client Data Protection

Posted by Frank Strafford on June 6, 2018 in Data Security,
client data protection

Streamline Verify takes data security very seriously. It maintains up-to-date security systems, performs enhancements as required and implements recommendations. The company is on track to integrate further safeguards to its cryptographic protocols. This is concerning the June 30, 2018 deadline in compliance with the PCI Data Security Standard (PCI DSS). It was established to ensure that current security standards are adhered to for the protection of client data.

A Brief History of Data Security

Transfer of data necessarily requires that online communications are protected. It does this by encrypting such data through a cryptographic protocol. The parties can freely transact through a secured channel, keeping their data safe and confidential.

Netscape introduced this Transport Security Layer process through the development of its Secure Sockets Layer (SSL) in the early 1990’s. It has received multiple upgrades to its  capabilities to successfully repel online attackers from accessing sensitive information. Modifications to the following cryptographic protocols were conducted: SSL 3.0 (1996), TLS 1.0 (1990) TLS 1.1 (2006) and TLS 1.2 (2008).

How Does Removing Old SSL/TLS Help?

Currently, SSL and early TLS are open to attacks resulting in potential exposure of delicate data it seeks to protect. Its vulnerabilities were laid bare by the BEAST and POODLE exploits. The latter especially, underscores SSL 3.0’s inability to defend against it. BEAST on the other hand, is a “man in the middle attack” (MITM) which can capture encrypted data and acquire session cookies.

In light of this, the PCI DSS has prescribed a 30 June 2018 deadline to migrate from SSL/early TLS to TLS 1.1 or higher. TLS 1.2 is more favorable to further decrease any risks of data breach. Online and e-commerce websites using SSL/early TLS encryption protocols were advised to implement the necessary upgrades to preclude POODLE exposure and similar exploits.

Streamline Verify Servers Are Already Secure

The Streamline Verify servers are not vulnerable to these attacks and other known SSL/TLS. The Streamline Verify application has an A+ rating at SSL Labs though it will not stop there. Our servers have transitioned to TLS 1.2 to further boost security measures. Moving forward, Streamline Verify will consider upgrading to the recently ratified TLS 1.3 once more browsers support it.

As such, outdated browsers that do not comply with current security standards are advised to upgrade them immediately. This includes Internet Explorer versions prior to version 11 that do not support TLS 1.1 and TLS 1.2 by default. Streamline Verify will no longer support TLS 1.0 or TLS 1.1 (even though removal of TLS 1.1 is not mandated by PCI).

Clients using outdated versions may experience service interruptions. The company apologizes for any inconvenience this may cause and is on hand to assist with any concerns.

About Frank Strafford

About Frank Strafford

Related Articles

Powerball and The Compliance Officer

January 13, 2016

The exhilaration of tonight’s $1.5 billion Powerball drawing is attracting even people who don’t typically play the lottery. And, in many organizations, employees are pooling their resources with ...

Can OIG Exclusion Wreck My Career ...

August 3, 2015

We picked this one up from allnurses.com, an open forum for nurses and nursing students. HELP! I just learned that I've been on the OIG Exclusion list since Jan 2003 following my RN license surrender ...

Exclusion Screening & the Affordable Care Act

November 30, 2020

If the Affordable Care Act (ACA) is repealed – the potential effect on program integrity protections remains unclear. Over the last few years, the effect of an ACA repeal on health care and healt...

Understanding OIG Exclusions

OIG Exclusions Screening Process

Exclusion FAQS

Quick OIG Exclusion Basics

Employing Excluded Individuals

Consequences to Employing an Excluded Individual

OIG Compliance Law

Laws and Publications on OIG Compliance

More Compliance Resources

Our Culture Icon Small

Our Culture

We build the best, so you can perform at your best.

Trusted for Good Reason

  • ✓ Guaranteed accurate
  • ✓ Certified Secure
  • ✓ Audit Proof
  • ✓ Feature-rich reporting
  • ✓ Round the clock real-time-data
  • ✓ Processing fully automated

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking

HEALTHCARE ESTABLISHMENTS NATIONWIDE COUNT ON STREAMLINE VERIFY

5

60%

Average workload reduction by implementing the Streamline Verify program

5

10K

Establishments trust Streamline Verify nationwide

5

2011

Serving the healthcare industry’s unique compliance needs since 2011

5

24X

Setting standards with hourly synchronization to primary source data

AICP SOC Compliance Logo
HIPAA Compliance Logo