General Explanation of how the CM-Connect handles data Security
*Please note that the "CM-Connect" and the "CM platform" are different tools. The CM-Connect is installed on a server and makes it possible to collaborate while complying with privacy laws. While the "CM platform" is the online platform in which data can be reviewed. This document is referencing the CM-Connect.
Overview
CM-Connect (latest version: 3.1.0) is a secure gateway designed to facilitate data communication while ensuring strict security and compliance measures. This document outlines the security protocols governing CM-Connect, including data classification, access controls, and compliance measures.
Data Classification
CM-Connect data is categorized into three classification levels to ensure appropriate security measures are applied:
-
Restricted: Highly sensitive data requiring the strictest security controls.
-
Sensitive: Confidential data that must be protected against unauthorized access.
-
Internal: Data intended for internal use, with moderate security measures.
-
Public: Information that can be freely shared without security concerns.
Security Measures
1. Access Control
-
Role-Based Access Control (RBAC): Users are granted access based on their role within the organization. Because the CM-Connect is a gateway that is installed on a server within an institution provided by the institution, direct access is not required. Only those within the institution that have been granted administrative rights will be able to run CM-Connect Commands.
-
Encryption: Data is encrypted both in transit and at rest using industry-standard encryption protocols.
2. Compliance and Governance
-
Adherence to Industry Standards: CM-Connect complies with regulations such as GDPR, HIPAA, and ISO 27001.
-
Audit Logging: All system activities are logged for security monitoring and compliance auditing.
-
Regular Security Assessments: Periodic security audits and penetration testing are conducted to identify and mitigate vulnerabilities.
3. Incident Response
-
Real-time Threat Detection: Remote monitoring tools detect and help us to respond to any possible security threats.
-
Incident Reporting and Response Plan: A structured process is in place for reporting and mitigating security incidents.
Conclusion
CM-Connect security protocols are designed to provide a robust security framework for data protection and compliance. By implementing these security measures, CM-Connect ensures the confidentiality, integrity, and availability of its data and services. For further details on security policies, please contact our team.