Security Policy and Information

Use of our websites, services, and applications requires you to review our Security Policy.

Introduction

Med-Stop takes your security seriously and takes reasonable steps to protect your information.

We use state-of-the-art software and other technologies to prevent unauthorized users from accessing our systems, especially those accessible from the Internet. We continue to evaluate and implement enhancements in our security technology and policy.

Med-Stop provides each user in your company with a unique username and password that must be entered each time a user logs on. We also identify all computers accessing our secure systems.

The Med-Stop system is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders.

Browser

We require the use of a 128-bit secure, JavaScript enabled browser to log in to your account. In order to use Med-Stop Access service, your browser must be configured to accept persistent cookies.

Encryption

Med-Stop Access service requires SSL-3 Strong Encryption (at least 128 bits) using 3DES (triple-DES) algorithms. Secure browsers employ secure sockets layer (SSL) technology to communicate with servers. This technology encrypts - scrambles - the communication (ie. your account information) so it's virtually impossible for anyone other than Med-Stop to read it. SSL authenticates that the server you have connected to is the one it purports to be. You can be assured that you are actually communicating with Med-Stop, and not a third party trying to intercept the communication.

Cookies

Med-Stop Access service uses "cookies" to increase system security. A cookie is a text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

The only purpose of using "cookies" by Med-Stop Access service is to identify your computer for increased system security. All stations accessing Med-Stop system have to be authorized by the system administrator.

User Name and Password

To access account information, you must provide a username and a password to enter the secure area of the site. Your password is not displayed when entered. If you do not provide this information, you cannot login to Med-Stop Access service.

Passwords are strictly case sensitive and must meet some complexity requirements. They need to be at least 8 characters long and have at least one digit in it. You should come up with something that's easy for you to remember but impossible for someone to figure out.

Never reveal your password to anyone. Never write it down where anyone can find it or figure out what it is. Change your password often, and be sure that you do not use common words that can be found in a dictionary, or numbers in a series.

In addition, you should make sure that no one is physically watching as you enter your password.

Sign Out

Please use the "Sign Out" button if you are going to be away from your computer for an extended period of time. Logout will end your session, and you will have to submit your username and password before entering the website again. We strongly recommend shutting down your browser as a good way to prevent others from using your access.

After a period of inactivity, your current Med-Stop Access service session will automatically timeout. To restart your session, re-enter your username and password at the sign in screen.

Network Security

Firewalls are used to shield our systems and proprietary networks from any unauthorized Internet traffic. The purpose of a firewall is to ensure only authorized traffic is allowed to pass into our systems and networks - all other traffic from the Internet is rejected. Firewalls also create logs of network traffic that allow for centralized auditing and security monitoring. Once your information has been entered, we use an encrypted network to transport data between all our systems and our partner systems to make online banking secure and to protect your personal information.

E-mail

You may receive an email from someone claiming to be a Med-Stop representative who asks for your password for any number of reasons - to help recover your account, prevent your account from being deleted, or identify your account are a few or the more popular scams. The person may ask you to reply with your password or may direct you to a fake sign-in screen. These are scams. Please forward the email to security@med-stop.com. Include the full email headers and the HTML source code of the email you received.

Last Updated: 9/1/2016