EMS Software Data Security

Unlike older applications that were built in a prior era, AngelTrack was designed in 2012, a time when security threats were a constant and grave concern. Every step of AngelTrack’s design and implementation was informed by modern development techniques… and by the healthy paranoia that comes from weekly headlines about security breaches and data loss.

AngelTrack’s principal designer previously held the post of Principal Software Engineer at Symantec, building applications for corporate security and compliance.

100% Protected by SSL/TLS

All connections to your AngelTrack server are protected by SSL/TLS, 100% of the time. SSL/TLS is the standard “Transport Layer Security” technology used everywhere to encrypt web traffic. Your bank uses it when you access your accounts online. AngelTrack uses it for 100% of its connections 100% of the time.

You can see it right in the URL of your AngelTrack server: to connect, your employees will specify “https” instead of ordinary insecure “http”. This prevents an eavesdropper from sniffing your traffic to collect passwords and patient data.

All of your traffic to and from your cloud server is thus protected, using a 2048-bit RSA key with a SHA-2/SHA-256 signature.

Physically Secured at Rackspace

Your data is critically, crucially important. Without it, all is lost. We here at AngelTrack know this, and so our servers live exclusively at Rackspace, the premier high-reliability hosting provider. Guaranteed.

Rackspace provides a physically secure server facility, with redundant connections to power, cooling, RAID storage, and the internet. Careful staff training and access control protect your server and your data. Round-the-clock support and automatic failover ensure your AngelTrack server will be there when you need it.

The reliability of cloud software depends on the reliability of its server host. Don’t settle for anything less than Rackspace.

RAID-10 SSD Storage

AngelTrack lives on RAID-10 Solid State Drives (SSDs), fast and reliable. Your data will never touch an old-fashioned spinning hard drive.

24/7 Monitoring

Your cloud server is watched around the clock by monitoring programs that continuously test its responsiveness. Cloud servers in the Dallas/Fort-Worth datacenter are watched by monitoring programs in the Chicago datacenter, and vice versa, constantly verifying that AngelTrack is working properly. If there is a service interruption, AngelTrack staff are notified within 60 seconds. They will know about it before you do.

Automatic Daily Offsite Backups

All of the data in your AngelTrack cloud server is automatically backed up every morning at 2am, and stored offsite in a private storage cloud in a physically secured Rackspace facility. It’s all handled for you, at no charge.

Cloud servers operating in the Dallas/Fort-Worth datacenter send their backups offsite to the Chicago datacenter, and vice versa.

100% Self-Contained

Your cloud server contains all of your data and is 100% self-contained. No data is stored anywhere else, on any other server nor on any other service, under any circumstances.

The same holds true for all of AngelTrack’s code, with the exception of the Google Maps feature which is loaded from Google’s servers.

No Third-Party Content, Except Google Maps

AngelTrack runs in your web browser on any computer or device you like… and it has very good manners. It does not load, or cause to be loaded, any third-party content other than Google Maps™. Nor are there any banners, advertisements, cookies, scripts, or other messages from third parties.

AngelTrack is clean and pure. You can verify this yourself at any time: right-click “View Source” on any of AngelTrack’s pages, and you can see exactly what content it loads into your browser.
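The "View Source" check described above can be automated. The following is an added example, not AngelTrack code: it parses a saved page and lists every host the markup loads from that is neither the page's own server nor on an allow-list. The sample markup, the hostnames and the list of Google domains are constructed assumptions. It covers only resources declared in the markup; anything fetched at runtime by scripts or stylesheets shows up in the browser's network panel instead.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute whose URL the browser fetches when the page loads.
LOADING_ATTRS = {"script": "src", "img": "src", "iframe": "src", "embed": "src",
                 "source": "src", "object": "data", "link": "href"}

class ResourceCollector(HTMLParser):
    """Collects the hostnames of resources declared in a page's markup."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        attr = LOADING_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value:
            # Resolve relative and protocol-relative URLs against the page URL.
            host = urlsplit(urljoin(self.page_url, value.strip())).hostname
            if host:  # data: and similar URLs have no hostname
                self.hosts.add(host)

def third_party_hosts(html, page_url, allowed_domains):
    """Return hosts that are neither the page's own host nor under an allowed domain."""
    collector = ResourceCollector(page_url)
    collector.feed(html)
    own = urlsplit(page_url).hostname
    def is_allowed(host):
        return host == own or any(
            host == d or host.endswith("." + d) for d in allowed_domains)
    return sorted(h for h in collector.hosts if not is_allowed(h))

# Constructed sample markup and hostnames (not taken from AngelTrack).
SAMPLE = """<html><head>
<link rel="stylesheet" href="/css/site.css">
<script src="https://maps.googleapis.com/maps/api/js"></script>
<script src="//cdn.tracker.example.net/t.js"></script>
</head><body>
<img src="img/logo.png"><img src="data:image/gif;base64,R0lGOD">
<img src="https://pixel.example.org/p.gif">
</body></html>"""

# Assumption: these are the domains treated as "Google Maps" for the allow-list.
GOOGLE_MAPS_DOMAINS = ["googleapis.com", "gstatic.com", "google.com"]

if __name__ == "__main__":
    print(third_party_hosts(SAMPLE, "https://ems.example.com/", GOOGLE_MAPS_DOMAINS))
```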

You Can Download Your Data

All of AngelTrack’s various data-stores (schedule, patient list, facility list, employee list, etc.) have .CSV exports straight into Microsoft Excel. So, you can make copies of your organization’s data whenever you wish, slice and dice it, then import it elsewhere.

Full run reports — including signatures and all attached documents and EKG strips — can be downloaded as .PDFs or as NEMSIS v3.4 .XMLs, one at a time or in bulk. NEMSIS v3 XML is the standard format for importing PCR run reports into billing software. You can also bulk download your insurable runs in ANSI 5010/837P format.

And even if you choose to stop using AngelTrack, you have an additional 30 days to retrieve whatever data you wish from your cloud server.

Your Data Forever

Data is never deleted from an AngelTrack cloud server. Nor is data ever taken offline or archived. All of your data remains instantly accessible, from anywhere, from any device, for as long as you maintain your subscription.

Ten years down the road, you will still have immediate access to all ten years’ worth of data. You will always be prepared for an audit no matter how far back the auditors choose to look.

HIPAA Compliance

AngelTrack is 100% compliant with both the HIPAA Privacy Rule and the HIPAA Security Rule. It also supports HIPAA/HITECH Act patient EHR requests.

Converting to AngelTrack will confer HIPAA compliance upon many aspects of your EMS operation, for free. This is so because all of your HIPAA-encumbered information lives inside AngelTrack, where it is protected by Security Rule procedures.

Immune to SQL Injection Attacks

Probably the most common vulnerability in cloud software is SQL injection, in which a rogue employee intentionally enters a malicious piece of text designed to corrupt the application’s database. For example, a rogue employee using a cloud application might type a piece of sneaky SQL code into an innocuous-looking data field (such as “Customer’s last name”), and when the contents of that field are sent to the database, the sneaky code is executed and does damage.

AngelTrack is immune to SQL injection attacks thanks to two strict rules in its code:

  • Zero use of “dynamic SQL”. Not a single line of AngelTrack’s code, anywhere, ever, uses dynamic SQL. Instead, 100% of AngelTrack’s database access is moderated through stored procedures with parameterized queries.
  • Zero use of direct table writes. 100% of data modification in AngelTrack occurs through access-controlled stored procedures; the data tables themselves are read-only to the middle tier.
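The difference between the two rules and the pattern they forbid, as an added example that is not AngelTrack's code: the same "last name" lookup written as dynamic SQL and as a parameterized query, plus a connection whose tables are read-only. SQLite stands in for the page's unnamed database; it has no stored procedures, so the authorizer hook is only a rough analogue of the second rule. The table, function names and inputs are constructed.

```python
import sqlite3

# Constructed sample data; SQLite stands in for the page's unnamed database.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE patients (id INTEGER PRIMARY KEY, last_name TEXT)")
    db.executemany("INSERT INTO patients (last_name) VALUES (?)",
                   [("Smith",), ("O'Brien",), ("Jones",)])
    db.commit()
    return db

def find_dynamic(db, last_name):
    # Dynamic SQL: the field's text becomes part of the statement and is parsed as SQL.
    sql = "SELECT id FROM patients WHERE last_name = '" + last_name + "'"
    return [row[0] for row in db.execute(sql)]

def find_parameterized(db, last_name):
    # Fixed statement text; the field is bound as a value and never parsed.
    sql = "SELECT id FROM patients WHERE last_name = ?"
    return [row[0] for row in db.execute(sql, (last_name,))]

WRITES = {sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE,
          sqlite3.SQLITE_DELETE, sqlite3.SQLITE_DROP_TABLE}

def make_tables_read_only(db):
    # Rough analogue of the second rule: this connection may read tables, not write them.
    db.set_authorizer(lambda action, *_: sqlite3.SQLITE_DENY if action in WRITES
                      else sqlite3.SQLITE_OK)

def write_is_blocked(db):
    # Attempt a direct table write and report whether the database refused it.
    try:
        db.execute("DELETE FROM patients")
    except sqlite3.DatabaseError:
        db.rollback()
        return True
    db.rollback()  # undo the delete if it was allowed
    return False

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed text typed into the "last name" field
    print("dynamic:      ", find_dynamic(db, crafted))
    print("parameterized:", find_parameterized(db, crafted))
    make_tables_read_only(db)
    print("write blocked:", write_is_blocked(db))
```

The dynamic version also fails on the legitimate name O'Brien, because the apostrophe ends the string literal early; the parameterized version handles it as ordinary data.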

To learn more about SQL injection attacks and defense, start with this tutorial from Oracle.

Codebase Open for Review

AngelTrack’s entire codebase is open for review and audit to anyone appearing in person at the Houston, Texas development office during normal business hours. Upon request, a developer familiar with the code will act as a tour guide.

No code may be taken off-premises during the audit, or copied to a private computer or storage device. Any person who works directly or indirectly for a competing EMS software venture is forbidden from attending the audit.

No Outsourcing

100% of AngelTrack LLC employees, past and present, are U.S. citizens living in America.

No Remote Control and No Firewall Openings

Old-fashioned EMS applications hosted in a server at your office require a remote control scheme and openings in your firewall, in order for employees in the field to connect. That is both a security problem and an IT hassle. Don’t waste your money on an application that requires that nonsense.

AngelTrack carries no such requirements, and imposes no such security holes. All you need is a web browser, and there will be no changes to your company firewall.

99.999% Uptime Guarantee

Your AngelTrack server is guaranteed to deliver at least 99.999% uptime, leaving aside its small scheduled maintenance/upgrade windows during the wee hours of Sunday mornings. This means no more than 5 minutes of unscheduled downtime per year.

You will receive a one-day flat-rate credit — applied to your AngelTrack server — for every day in which an unscheduled outage occurs. An unscheduled outage is defined as the inability to connect to your AngelTrack server from the internet for a period longer than 5 minutes.

Refer to the Cloud Server Uptime policy for details.
