Establishing a secure channel for outsourcing needs – Methods & Best Practices.

Security requirements of outsourcing work. More than just VPN, more than just two factor authentication. More than just adaptability are fundamentals which a good outsourcing relationship must consider. Here a brief security checklist to ensure diligence in data security.

Checklist for secure outsourcing:

  • What are your regulatory requirements for security? HIPAA, GDPR, industry specific?
  • What are your customers’ and other partner’s security needs?
  • What is your corporate culture for security?
  • What access to your systems and data is needed for the process to be outsourced?
  • How well isolated from your other operations are the systems to be connected to the outsourcing company?
  • How well protected against unauthorized access are the systems to be connected to the outsourcing company?
  • Whom at your company will take responsibility for managing the security of the outsourced process and auditing the access?
  • How will you track access to your systems or data to a specific individual or system at the outsourcing company?
  • What are the answers given by the outsourcing company to the above questions applied against their own operations?

Primary Assertion: It takes careful planning and experience to establish data security for remote connections. Our process to do this is mature and we have the capability to articulate the steps necessary to launch new connections securely and rapidly. Managing data risk should be high on the priorities of any company wishing to outsource work.

Secondary Assertion: Securing data is an ongoing process. It requires ongoing compliance with internationally accepted communication standards along with contextual laws like HIPAA to ensure that data transmitted is monitored for compliance. To do this planning an outsourcing company must follow a mature process:

1) Determine the nature of one or more client applications being used. These determinations should be multidimensional and include

  • sensitivity to latency
  • minimal link quality to trigger backup solutions (packet drops, round trips etc.)
  • bandwidth based on expected load
  • uptime requirements of the process (millisecond or packet sequencing

2) Develop a data transmission solution. Point to point link or preferred routing.

3) First tier data security : Application level credentials for access.

4) Second tier security : Encrypted channels or packet exchanges.

5) Third tier security : Two factor authentication

6) Limiting access points for data. How to do it and how this helps.

7) Routing and monitoring methods and reports. How TGS implements client and application level real time monitoring and reaction management.

8) Constant auditing of data streams for some applications that require privacy.

9) SLAs metrics and how they affect data security considerations.

10) Project management and implementation steps. How we deploy faster and more reliably than others in this space.

11) Exception escalation and maintaining uptime.

12) Supporting internal and external data security audits.

past medical history

Past medical history helps assess life expectancy

Past Medical History (PMH) is perhaps the most important section of doctors notes impacting longevity assessment.  When looked at medical conditions...

Impact of Family History on Life Expectancy

A hereditary disease is caused by genetic factors transmitted from parent to offspring. Family history is, therefore, an important consideration in...
life expectancy social history

The impact that social history has on life expectancy

In many parts of the world, life expectancy has been increasing steadily over the past few decades, due to increases in technology, medication, and...

Telegenisys supports law firm privacy compliance

Stephen Treglia writes in the New York Law Journal that "businesses are demanding law firms sign written agreements affirming their compliance with...

Telegenisys Geo codes lanes on more than 50,000 miles of US Highways

Satellite and Ariel image analysis is a core competency of Telegenisys Inc. Telegenisys frequently geo codes artifacts (objects) on the earth...

Containing health record costs in mass litigation

Gathering healthcare related evidence can run up considerable costs even before determining if there is a reasonable chance of making a valid claim....

Pin It on Pinterest