Constant security vigilance and management are essential elements of web site operation. CrisisID employs several layers of security to protect the personally identifiable information of users. CrisisID establishes a secure connection with your browser so your information is ‘encrypted’ or scrambled for transmission and storage.
CrisisID encryption uses the PHP mcrypt module with the tripledes cipher. There are two keys to the medical data: one gives medical personnel access through the CrisisID Emergency Access Number, and the other gives the customer access through their username and password.
Encryption and decryption for each access method are performed with a secret key in combination with the CrisisID Emergency Access Number or the username and password. In addition to the encryption of customer data, a further layer of security ensures that customer data cannot be obtained in association with that customer’s identifiable information (Name, Address, DOB). Because there are no unencrypted database associations between the customer’s identifiable information and the encrypted medical data, the data is made available only to someone who has the customer’s username and password or the CrisisID Emergency Access Number.
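The two-key arrangement described above can be sketched as follows. This is an added example, not CrisisID's code: it assumes one random data key wrapped separately under each credential, rows located by a keyed hash instead of a customer ID, and it uses PHP's libsodium secretbox rather than mcrypt/tripledes, because the mcrypt extension was removed from PHP core in 7.2. All function names, the secret and the sample values are hypothetical.

```php
<?php
// Added illustration, not CrisisID's code. Every name here is hypothetical.
const SERVER_SECRET = 'constructed-demo-secret-keep-outside-the-database';

// Row locator: keyed hash of the credential, so no customer ID is stored.
function locator(string $cred): string {
    return hash_hmac('sha256', 'locator|' . $cred, SERVER_SECRET);
}

// Key-encryption key from the server secret combined with the credential.
function kek(string $cred, string $salt): string {
    $mixed = hash_hmac('sha256', 'kek|' . $cred, SERVER_SECRET, true);
    return hash_pbkdf2('sha256', $mixed, $salt, 200000, 32, true);
}

function seal(string $plain, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return $nonce . sodium_crypto_secretbox($plain, $nonce, $key);
}

// Returns the plaintext, or false if the key is wrong or data was altered.
function unseal(string $boxed, string $key) {
    $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
    return sodium_crypto_secretbox_open(substr($boxed, $n), substr($boxed, 0, $n), $key);
}

// One random data key encrypts the record; it is wrapped once per credential.
function enroll(array &$db, string $medical, string $login, string $accessNo): void {
    $dataKey = sodium_crypto_secretbox_keygen();
    $blobId  = bin2hex(random_bytes(16));
    $db['blobs'][$blobId] = seal($medical, $dataKey);
    foreach ([$login, $accessNo] as $cred) {
        $salt = random_bytes(16);
        $db['slots'][locator($cred)] =
            ['salt' => $salt, 'blob' => $blobId, 'wrapped' => seal($dataKey, kek($cred, $salt))];
    }
}

function readRecord(array $db, string $cred) {
    $slot = $db['slots'][locator($cred)] ?? null;
    if ($slot === null) return false;             // no slot for this credential
    $dataKey = unseal($slot['wrapped'], kek($cred, $slot['salt']));
    return $dataKey === false ? false : unseal($db['blobs'][$slot['blob']], $dataKey);
}

$db = ['slots' => [], 'blobs' => []];             // constructed sample data below
enroll($db, '{"allergies":"penicillin"}', "jdoe\0correct horse", 'EAN-4821-7730');
var_dump(readRecord($db, 'EAN-4821-7730'));       // lookup by access number
var_dump(readRecord($db, "jdoe\0correct horse")); // lookup by username and password
var_dump(readRecord($db, 'EAN-0000-0000'));       // unknown access number
```

Neither table in `$db` holds a name, address or customer ID, so a dump of the database alone does not link a person to a record.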
Many fields of data, including some personally identifiable information, are not made available to medical personnel. Certain fields are never shown to medical personnel, and others are selectively hidden by the customer through the CrisisID website. The CrisisID Customer Service / Administration Area interface is also designed not to associate customer identifiable information with medical data, so even a CrisisID administrator cannot obtain medical information without using the user’s username and password. When anyone views data by using the CrisisID code or by logging in with a customer’s username and password, the customer is notified in the interface. In some cases customers are notified automatically by email, especially when customer login credentials are changed. By these measures and others, customer privacy is upheld and protected.
Information Storage – We have witnessed the vast destruction that can result from natural disasters and attacks by terrorists.