Physical, Logical & Network Access Controls for Giva's Cloud Help Desk Software

Giva's HIPAA-compliant security approach uses a comprehensive, multi-tiered security strategy to protect PHI in electronic health and medical records combined with a multi-tenant infrastructure to manage costs for our customers. Giva's cloud help desk software is compliant with security and privacy standards including HIPAA, PCI, SSAE 18, and Privacy Shield.

Physical Access Controls of Data Centres

  • Physical Security
    • Restricted Parking / Premises
    • Restricted Access to the Facility
    • No Signs Identifying the Data Centre
    • Security Guard 24x7
    • Photo ID Required
    • Sign-In / Sign-Out Process
  • Data Centre Security and Facility
    Access Rights
    • Restricted Access to Facilities
    • Biometric Access Required
    • Signs Posted for Restricted Access
    • Unique Access ID for Each Employee
    • Process for Granting/Revoking Access
    • Escort Required for Visitors/Vendors
    • Reconciliation of Staff with Access
    Access Tracking
    • Live Monitoring of Accesses
    • Digital Log of Door Accesses
    • Written Visitor Log
    • Camera Placement at All Door Access
    • Points, Aisles/Cages
    Data Protection
    • Shredders to Destroy Sensitive Documents
    • Server Cabinets Secured
    • Network Cables and Sockets Secured

Logical Access Controls

  • Separation between each customer's data
  • Separate & Defined Server Roles
  • Access control and logging for all access to servers with PHI
  • Firewalls between Public/Private Server Zones
  • Documented Policies/Controls
    • Access Control
    • Password Management
    • Firewalls
    • Virus Protection
    • Data Classification
    • Encryption
    • Retention
    • Destruction
    • Production Change Management
    • Incident/Problem Management Program
    • Security Incident Response Plan
    • Risk Management

Network Access Controls

  • Firewall
    • Dedicated hardware-based Cisco ASA firewalls
    • Firewall redundancy
    • Point to Point VPN Tunnels
    • SSL VPN Remote Access
    • Dual Factor Authentication
    • 3DES Encryption
    • IPSEC Tunnels INGRESS and EGRESS Filters
  • Nework
    • Private VLAN
    • DMZ Zone for public services
    • Internal Zone for private server
  • Intrution Prevention
    • Intrusion Detection
    • Intrusion Prevention
    • Prevention of "Phone Home bots"
    • DDOS Mitigation)
    • SSL Offload IDS/IPS of SSL traffic
    • Web Application Firewalls for OWASP 10
  • Enterprise - Anti-Virus
    • Enterprise Grade Anti-Virus
    • Host-based intrusion prevention
    • Centralized Reporting
    • Abnormal Process Logging

Learn More About Giva HIPAA Compliance

HIPAA-Compliant Data Encryption
Data Encryption
HIPAA-Compliant Onsite & Offsite Encrypted Backups
Onsite & Offsite Encrypted Backups
HIPAA-Compliant Physical, Logical & Network Access Controls
Physical, Logical & Network Access Controls
HIPAA-Compliant Vulnerability Management & Logging
Vulnerability Management & Logging
HIPAA-Compliant Defined & Tested Security Policies & Procedures
Defined & Tested Security Policies & Procedures
HIPAA-Compliant SSAE 18 SOC II Type 2 Certification
SSAE 18 SOC II Type 2 Certification

Client Success

MetroHealth System Logo
  • 50% reduction in time to deploy Giva's change, incident, problem, asset management and knowledgebase modules
  • 60% reduction in the 5 year Total Cost of Ownership (TCO)
  • Saved at least 1 FTE due to lower ongoing administration
  • Saved 1 week per month due to easy to use reports
Athens Regional Health System Logo
  • Increased to 90% achievement in meeting service level agreements
  • 70% reduction in generating reports and admin; eliminated 35 hours/month
  • 50% faster to create/assign a service request
  • 60% increase in information captured during the initial phone call
  • 50% increase in the number of service requests created due to intuitive design
Santé Health Systems Logo
  • 80% increase in productivity by using Giva's dashboards and reports
  • 60% increase in meeting service level agreements
  • 50% increase in productivity by using Giva's integrated custom forms
  • 45% increase in the number of the calls logged due to Giva's intuitiveness and ease of use