Horizontech takes privacy and security very seriously. We understand the responsibilities associated with safeguarding private, sensitive data and the risk of fraud.
Data Security policies are necessary to protect customer assets. HTI processes sensitive information for our customers, including Personal Health Information (PHI), Customer Proprietary Network Information (CPNI), Credit Card account holder data, Asset and Net Worth, Tax and other personal Financial information, Social Security information, gender preference and other personally sensitive secure data. HTI has policies that govern the collection, use, retention, disclosure and destruction of information. HTI strives to protect personally identifiable information that we maintain or disseminate, including the use of appropriate administrative, physical and technical safeguards. All activities that are deployed on behalf of our customers are designed to be consistent with these policies. All HTI employees receive training on data security, handling, disposition and reporting.
We accept and process vast amounts of sensitive customer information. This exchange of information is restricted to our customers for legally permissible uses. HTI limits the distribution of personally identifiable information consistent with the nature and sensitivity of the information, and strives to make available personally identifiable information from sources other than public records or publicly available information only to its authorized users or customers. Where applicable, HTI restricts access to information in accordance with privacy laws such as the FCRA, the GLB, and the DPPA.
HTI strives to accurately report information in its products, and also to accurately report information that it receives from its data sources. HTI recognizes, however, that reporting errors may occur, for a variety of reasons from public and non-public sources of information. HTI strives to acquire personally identifiable information from established, reputable sources in the government and private sectors
HTI supports accountability of information industry standards and practices, responsible and effective federal regulation of the data industry, and legislation governing the practices of all data providers. HTI believes that strong privacy and information security protections are vital for an effective and trusted data industry.
All health care institutions have as their number one value to protect the health and welfare of their patients. New regulations now require a more proactive effort to ensure that a safe and qualified workforce is rendering services in accordance with that value. HTI provides the following services for complying with Federally governed patient safeguarding and integrity practices.
- US Department of Health and Human Services (HHS) Office of Inspector General (OIG) Excluded Individuals/Entities Screening
- US General Services Administration (GSA) Excluded Parties Screening
- Fraud, Waste and Abuse compliance to detect, correct and prevent incidence of non-compliance with applicable requirements
- HIPAA Compliant
The Payment Card Industry Data Security Standard (PCI DSS) establishes minimum data security measures for organizations around the world that hold, process, or exchange cardholder information. HTI complies with PCI standards as one of the most stringent and secure measures for data security.
- Payment Card Industry (PCI) Level 4 Compliant
- Secure building, warehouse and document destruction, all under one roof
- Badges for all employees and guests
- Centrally monitored security alarm system
- Video surveillance system, internal and external
- Sign in and out logs
- Offshore facilities owned by Horizontech
- Designated Employee and Visitor building access
- All Horizontech employees must pass a background check before hire
- Initial and random drug screens
- 90 day probation
- Encrypted Customer Portal
- Portal Login and User Control Management, Customer Administration
- Offsite Backup
- Offsite operating locations networked to host at HQ
- Transmission between HTI and customer via secure FTP
- Designated Employee access rights