The Solution for HIPAA and IRB Compliance.

RexDB™ implements the highest levels of security and was designed to simplify HIPAA and IRB compliance.

RexDB™ employs advanced features to support the secure management of ePHI data. Together with RexDB’s intuitive screens and highly granular privileges for users, these features provide our clients with the tools to comply with all of HIPAA’s Technical requirements, as well as many of HIPAA’s Administrative requirements.
 
All communication with the site server for normal usage, maintenance, and backups is encrypted using SSL.
 

Standard RexDB™ Security Features

Hot Security
  • The site server boots from a CD-ROM that contains the operating system and core libraries. In the rare case that the server is compromised, any modification to system resources can be undone by simply rebooting the server.
  • The server runs a highly secure operating system (FreeBSD), providing immediate resistance to many common attacks and exploits.
  • A unique web server is used to further reduce system exposure to attacks. The web server is written in a high-level language that substantially reduces the effectiveness of most common attacks (such as buffer overflows).
  • All communication between the site server and remote workstations (any modern computer capable of running the Firefox web browser) is logged and uses SSL encryption.
  • The system fully supports journaling to ensure data integrity, to support audit trails, and to simplify disaster recovery. Further, all collected data, as well as the journal itself, can be mirrored (in encrypted form) on redundant remote servers.
     
Cold Security
  • Site servers employ twin mirrored and encrypted hard drives to prevent data access should the server ever be stolen or compromised. This also virtually eliminates downtime due to drive failure.
  • All system backups are remotely stored on geo-redundant servers kept in locked racks in secure locations.