Data Security Policy Statement

WEDnetPA collects, processes, and stores all private data on a management platform known as ISAAC (Information Sharing, Administration, & Analysis Center) which utilizes multiple overlapping layers of security.

On the physical level, the datacenter is secured with key and electronic keycard access available only to authorized personnel and a security system which immediately notifies the police of an intrusion. We also prefer and recommend that clients directly input their data into ISAAC through our secure link, preventing any possible mishandling of paperwork via mail or fax. This way, everything remains digitally encrypted at all times.

On the network level, the servers and data are protected by a Cisco ASA 5200 series firewall and an intrusion detection and prevention system (IDS/IPS). Data is transmitted between companies and ISAAC with RC4 128-bit SSL encryption, ensuring privacy en route over the internet.

On the server level, the ISAAC web interface is protected by an application firewall and intrusion detection software. The web and database servers are also maintained with the latest security patches and updates.

On the software level, access is restricted to authorized personnel via a password-protected tiered permissions management system, allowing each person access only to the information necessary to complete their tasks. And sensitive information such as Social Security numbers are obscured even to those authorized to deal with those records. Information is stored with ISAAC on a separate highly-secure IBM iSeries DB2 relational database.

WEDnetPA also maintains strict policies for handling sensitive information, including any cached or temporary storage on individual workstations.

At no time is any data transmitted or permanently stored in an unencrypted form or without physical and software security.

Program funding provided by: