Security, Privacy, and Data Integrity

When Sandata handles your agency data, safety and security should be of the utmost importance. “Security and integrity define who we are and what we do,” says Vincent Luciani, Chief Information Officer (CIO).

Sandata embodies integrity through our dedication to protecting our customers’ data, commitment to ethical practices, and continuous security training and education. At Sandata, employees are entrusted to protect patients’ and caregivers’ personal and healthcare information and handle that responsibility with the utmost discretion. To help ensure the integrity of data throughout our organization, we adhere to high standards consisting of regular and detailed internal training, and continuous improvements to maintain our certifications.

High Standards

Sandata is a HIPAA-compliant organization, so we hold ourselves to a very high standard and are continuously searching for ways to improve our security. We question every security protocol, evaluate every data access point, and remediate every known vulnerability to ensure our customers’ data is safe – no exceptions.

Our internal security training is required to be conducted at least two times per year. It covers how a company like Sandata can protect itself from becoming a victim of a data incident, the types of data we hold, and why our customers’ data is so precious. With regular security education such as security awareness training, quarterly access audits, education modules, and mock phishing tests, we’ve ensured that security is a constant consideration for our employees.

HITRUST Certification

Every year, we renew our HITRUST Certification through a process that validates our security and privacy practices for storing, using, transferring, and disposing of data and information. HITRUST utilizes outside auditors to critically analyze, test our systems and practices, and then verifies our practices once again before granting us our certification.

Gaining our HITRUST Certification also requires us to improve upon our security and safety measures year after year. In 2021, we conducted more frequent and detailed audits, identified emerging security threats (and trained our teams accordingly), and educated our customers on the importance of data security/integrity.

Looking Forward to 2022

The biggest changes coming to Sandata in 2022, in regards to integrity and security, surround the rollout of multi-factor authentication (MFA) and the diversification of our hardware and software environments. The continuous improvement efforts help us eliminate risks, exposures, and potential threats.

Sandata’s team is working on further enhancing account security by adding multifactor authentication to its platforms. “MFA is an industry-standard when it comes to login security and is a method used by almost all leading software providers,” says Luciani. “We want to ensure that our customers have the latest protections in place and MFA enables this for them,” says Luciani.

In addition, Sandata continues to diversify its network making its systems more dynamic to expand or contract capacities which will make processes, systems, and servers more readily available to our customers. Through diversification, Sandata is able to further strengthen our security and our system’s resilience against both physical and digital threats, ensuring that one incident cannot affect the entire system.

To Our Customers

Integrity in our security practices is not about meeting a requirement to keep your data safe. It’s about understanding the value of your information and safeguarding it as if it were our own. It’s about dedicating ourselves to adapting, innovating, and improving our systems. Most importantly, integrity is about earning our customers’ trust and confidence every day.