Commitment to Industry Standards & Security
HIPAA
The HIPAA Security Rule of 2003 requires covered entities to implement or address over 50 administrative, physical, and technical safeguards designed to ensure the confidentiality, availability, and integrity of electronic protected health information (ePHI) and prevent unauthorized access to ePHI. The HIPAA Security Rule has become the de facto security standard for the healthcare industry.
Download our HIPPA Business Associate Agreement.
PCI DSS
Our dedication to strict physical access controls and network security gives our clients peace of mind that we proactively safeguard their consumer information. Payment Card Industry Data Security Standard (PCI DSS) is a vital industry standard for protecting sensitive cardholder data. As a cloud service provider, we meet the applicable PCI DSS requirements in our data center operations.
Our Data Center meets the following compliance and sustainability standards:
SOC1 and SOC2 Type II
SOC reports help service organizations that provide services to other businesses build trust and confidence in the service performed. Hardened physical security and audited process controls assure our customers that we take their data security seriously and will keep their IT systems secure.
ISO 27001
The requirements for Information Security Management Systems (ISMS) are based on the ISO 27001 standard and keep information assets secure. ISMS consists of a framework of policies, procedures, and security controls that protect the confidentiality, availability, and integrity of assets from threats and vulnerabilities.
LEED Gold
LEED, or Leadership in Energy and Environmental Design, is an internationally recognized green building certification system. LEED provides building owners and operators a framework for identifying and implementing practical and measurable green building design, construction, operations, and maintenance solutions. LEED Gold certification demonstrates a commitment to greater efficiency in energy, lighting, and water use and the utilization of recycled and reused materials during the construction process.
EPA ENERGY STAR
This accomplishment signifies that the data center performs in the top 25 percent of similar facilities nationwide for energy efficiency and meets the EPA’s strict energy efficiency performance levels. On average, ENERGY STAR certified buildings use 35 percent less energy and generate 35 percent fewer greenhouse gas emissions than their peers.
NIST 800-53 High
NIST 800-53, published by the National Institute of Standards and Technology, recommends security controls for federal information systems and organizations. Our data center has implemented the NIST 800-53 high baseline controls necessary to support our customers’ Federal Information Security Management Act (FISMA) compliance efforts.
Practice Anywhere© uses state-of-the-art enterprise grade redundant IBM servers to host your practice data. Additionally, we employ industry leading technology including fully redundant grid power, battery sub-systems, 5 megawatts of off-grid power generation, three 6,000 gallon underground fuel tanks for continuous power generation, enterprise grade 2N+2 cooling systems, network equipment, and even multiple Internet carriers to ensure your practices patient data is safe and secure. Think Smart is the only cloud service provider that owns and operates every piece of the Practice Anywhere© equipment. Owning all of the equipment gives our customers piece of mind that the buck stops here and they are always talking to the right people in case of an emergency.
Regardless of whether you use equipment from Zeiss, Marco, Optos, Humphreys, or the myriad of other ophthalmic equipment, Think Smart has you covered. The Practice Anywhere cloud© relies on recognized industry standards, it will work properly on any device that supports standard terminal services. Even if your device does not directly support terminal services, we will still almost assuredly be able to connect your ophthalmic equipment and will make every effort to do so.
Let’s get one thing straight, your practice data belongs to you regardless of where it’s stored or physically located. You should have access to your practice data anytime you want for any reason you want it.
Well before the day arrives to get your practice running on the cloud, Think Smart’s implementation team has been working behind the scenes to get your system ready. Everything from coordinating installations with your third parties (ECR Vault, Solutions Reach, Weave, etc..) to pre-moving your eDocuments is completed before your scheduled installation day arrives*, all to minimize any impact on your staff or practice. On your scheduled implementation day, our implementation team is trained to get you on board quickly and efficiently. In most cases, your on boarding will only take a couple of hours before you can start using your system on the cloud.**
There is a hacker attack every 39 seconds* and Cybercrime has surpassed the global drug trade in profitability. It’s not just the big companies that are getting hacked, small businesses are considered the “low hanging fruit” of the hacker world and have since become the #1 targets of cybercrime.
Well before the day arrives to get your practice running on the cloud, Think Smart’s implementation team has been working behind the scenes to get your system ready. Everything from coordinating installations with your third parties (ECR Vault, Solutions Reach, Weave, etc..) to pre-moving your eDocuments and everything in between is completed before your scheduled installation day arrives, all to minimize any impact on your staff or practice. On your scheduled implementation day, ur implementation team is trained to get you on board quickly and efficiently. In most cases, your on boarding will only take a couple of hours before you can start using your system on the cloud.