CCI provides extensive hosting capabilities for all of our applications. There is a primary backup site and an additional backup site.
The following are key features of our hosting services:
- Server/Access Failover: Failover redirects requests to alternate servers if the originally requested server is unavailable or too slow. Load balancing distributes request processing across multiple servers.
- Data Redundancy and Storage: We have 2 levels of backups. The first backup is on site and the 2nd backup is a remote backup service that transports the data to a remote location.
- Data Encryption and Transmission: We use SSL technology for the transmission of all data in and out of the server. All data is encrypted at source and decrypted at destination.
- Annual Certification of Public Key Infrastructure: Servers are certified annually. This cost is not passed on to the client.
Technical Safeguards to ensure client confidentiality:
- Server Level Security: Access to the server is restricted to recognized computers only.
- Database Level Security: Provider applications reside on an SQL SERVER Database. Users are not allowed direct access to the database. The only access is through the front end application tool. CCI will provide ongoing support, maintenance, management, security, and protection of the data and the system operating environment.
- Backup Procedures: Systems are backed up on a daily basis. Frequency of backup can be increased as required by administrative staff of the provider. The CCI development center also downloads backups of the database on a weekly basis.
- Restoration Procedures for the Application Host Server: The backup is restored and the application is restarted. The entire process takes about 30 minutes.
- Restoration Procedures for the Database Server: In the event of a disruption, there are several levels of escalation:
- The RAID array ensures data redundancy. When a problem is detected on one of the hard drives, the system reverts to the next hard drive that has perfectly synchronized data at all times. The system administrator is notified to fix and restore the problem drive. This procedure is transparent to the user and there is no downtime involved.
- The next level of escalation is to restore from the latest backup. There may be system downtime for this option. A system message will notify users of the date and time of the latest data that was entered.
- Recovery Procedures for Historical Data at the Host Level: All data is divided between the Current database and the Archived database. The Archive database contains all information on clients served and terminated before a certain number of years from the current date. It also contains selected historical transactions on current clients that occurred beyond a certain time period and is no longer needed for active reporting. Damage to either of these databases can be restored using the procedures mentioned above.
- Recovery Time after a Planned or Unplanned Outage: Planned outages are always scheduled for the middle of the night on weekends and the time taken for these outages may range from a few minutes to about 3 hours. The purpose of these outages is for scheduled maintenance or installation of upgrades on the server. Unplanned outages are unforeseen and the duration of time depends on the type of outage that has occurred. A message is posted on the home page of the system informing all users of the system shutdown and the approximate length of time.
- Management Escalation Procedure for a Major Outage: All personnel including the lead designer are involved with the resolution of the problem. The size of our company and the close involvement of our staff with issues related to all implementations make it possible for quick and efficient responses to problem solving in a team setting.