Data & Privacy
At Long Island’s Best Doctor, keeping your information secure is a top priority for us, and we are committed to the security and privacy of our users. This means we’re always working hard to safeguard your data and continually earn your trust. If you have questions regarding security, we are happy to answer them. Please write to [email protected] Island’s Best Doctor.com and we will respond as quickly as we can.
Keeping Data Confidential
We place strict controls over our employees’ access to user data, and have technical controls and audit policies in place to ensure the confidentiality, integrity, and availability of user data. Our employees and contracted personnel working with any user data are bound to our policies, and we treat these issues as matters of the highest importance.
Privacy and Security Training
Everyone at Long Island’s Best Doctor receives regular training to ensure that we remain focused on privacy and security. This includes privacy training that covers the Health Insurance Portability and Accountability Act (“HIPAA”), which establishes national standards for protecting the identifiable health information of health plan beneficiaries and patients, and other relevant state and federal laws. We also ensure that our employees receive annual data security training, regardless of their role in the company.
Certifications and Audits
Long Island’s Best Doctor works with outside experts to maintain high standards and rigorous security practices. We hire third parties to test our services and processes as part of our recurring penetration testing program. In addition, we conduct HITRUST and SOC 2 Type II audits annually. Long Island’s Best Doctor has obtained Certified status (CSF) for information security by HITRUST.
We employ industry standard technology to safeguard data. Our platform uses full volume encryption on all data stored at rest, with secure backups and robust backup policies. We also use Transport Layer Security (TLS) connections to transmit data over HTTPS.
Long Island’s Best Doctor leverages secure cloud computing, including Amazon Web Services (AWS), to store data in physically and electronically secure facilities. For a list of all current AWS security accreditations, see the AWS Compliance Programs page.
In addition to sophisticated system monitoring and logging, we utilize robust administrative identity, authorization, accountability, and authentication controls (including multi-factor authentication), as well as intrusion prevention and detection controls to protect our platform.
We have a vulnerability management policy that covers internal and external testing, including annual third-party penetration testing, to find and remediate vulnerabilities that may present a risk to our platform or data.
Logging and Monitoring
Long Island’s Best Doctor operates an extensive security information and events management system. Long Island’s Best Doctor maintains a centralized logging environment, which contains events pertaining to security, monitoring, availability, access, and other metrics about the platform. We review our logging and monitoring systems regularly, and respond promptly to automatic alerts.
Incident Management & Response
Long Island’s Best Doctor has incident management policies and procedures in place in the event of a security breach. This includes notifying users of any unauthorized access to their data in the event of a breach as defined under relevant state laws.
Product Security Practices
New features, functionality, and design changes go through a security review process facilitated by the Long Island’s Best Doctor development team. We utilize automated static analysis software, and our teams manually peer-review code prior to being deployed to production. The Information Security team works closely with development teams to resolve any security concerns that may arise during development.
Long Island’s Best Doctor operates a vendor management program, which requires our Legal and Information Security Teams to evaluate all third party vendors, service providers and partners. We review each potential service provider to ensure that our vendors continue to meet Long Island’s Best Doctor’s strict security and legal standards.
We maintain a disaster recovery plan that supports a robust business continuity strategy. This plan has been developed to meet industry standard methodologies and principles of high-availability engineering.
Still have questions or comments? Please reach out to [email protected] or give us a call at (631)-482-1357.
Where can I learn more?
Acceptable Use Policy: Guidelines for your appropriate use of our basic services.