Quick links:
|
 |
Our approach to Security
Information is the currency of our relationship with you. We aim to protect this information in a wide range of means. Firstly, we do not store any critical identity e.g. SSN or customer financial information. We use various layers of security around MyHealthMyWorld. At the center, the most secure data is that related to personal health records. For obvious reasons we cannot make public the layers of protection other than to say the information is deliberately split between software, hardware and processor systems. Therefore without collating the material from each of these sources, it would be unlikely or impossible to reconstruct the information. We utilize a proprietary monitoring system and will actively pursue any deliberate attempts to interrupt our information systems through legal prosecution.
Your internet session is encrypted with 128-bit SSL, so it would be very difficult for anybody to intercept your information. If you have the personal firewall, anti-virus and anti-spyware running as recommended, you can have confidence in the security of your session with MyHealthMyWorld. Please see our guideline on what you can do to further help protect yourself.
Our 10 major security elements
Our security system consists of ten major elements. Each section covers a different topic or area. The objectives of each of these are as follows. Our internal detailed security procedures are by necessity confidential:
Security Policy
To provide operational direction and support for information security.
Business Continuity Planning
To counteract interruptions to business activities and to critical business processes from the effects of major failures or disasters.
System Access Control
1) To control access to information 2) To prevent unauthorized computer access 3) To prevent unauthorized access to information systems 4) To ensure the protection of networked services 5) To detect unauthorized activities. 6) To ensure information security when using mobile computing and tele-networking facilities
System Development & Maintenance
1) To ensure security is built into operational systems; 2) To ensure IT projects and support activities are conducted in a secure manner; 3) To prevent loss, modification or misuse of user data in application systems; 4) To protect the confidentiality, authenticity and integrity of information; 5) To maintain the security of application system software and data.
Physical and Environmental Security
To prevent unauthorized access, damage and interference to business premises and information; to prevent compromise or theft of information and information processing facilities; to prevent loss, damage or compromise of assets and interruption to business activities.
Compliance
1) To avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements 2) To ensure compliance of systems with organizational security policies and standards 3) To maximize the effectiveness of and to minimize interference to/from the system audit process.
Personnel Security
To reduce risks of human error, fraud, theft or misuse of facilities; to ensure that users are aware of information security threats and concerns, and are equipped to support the corporate security policy in the course of their normal work.
Security Organization
1) To manage information security within the Company; 2) To maintain the security of information when the responsibility for information processing has been outsourced to another organization.
Computer & Operations Management
1) To ensure the correct and secure operation of information processing facilities; 2) To ensure the safeguarding of information in networks and the protection of the supporting infrastructure; 3) To minimize the risk of systems failures; 4) To protect the integrity of software and information; 5) To maintain the integrity and availability of information processing and communication; 6) To prevent damage to assets and interruptions to business activities; 7) To prevent loss, modification or misuse of information exchanged between organizations.
Asset Classification and Control
To maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.
Protecting Yourself
Close your session when you are done
You should always log out of your session and close your browser windows when you are finished particularly when using a computer in a public location. To help you protect your information, your online personal health record session will time out after thirty minutes of inactivity if you have not already logged out.
Read your Personal Health Record
You should examine and report anything suspicious to us. You can view the record off all activity including whether any part of your record has been read
Don’t do your shopping or private viewing or health information at a Public PC
We strongly recommend against using any sort of public PC. The security of public PCs at internet cafés, libraries, campuses or elsewhere is simply unknown. They may be fine, or they may be loaded with spyware to capture and record your username and password.
Be wary of wireless “hotspots”
Wireless hotspots allow you to work on your own laptop computer, while connected to a free or paid wireless network at coffee shops, airports, hotels or elsewhere. You should only consider using wireless hotspots for internet banking if you have taken adequate steps to protect your computer.
At a minimum, you should always use a personal firewall, configured to block all incoming network traffic, and you should be sure that you have anti-virus and anti-spyware software installed and up-to-date. If you have the personal firewall, anti-virus and anti-spyware running as recommended, you can have confidence in the security of your session.
Secure your passwords
A strong password is your first line of defense. There are many systems that people use for choosing passwords, and some are better than others. In general, a good password should:
| Not be based on personal information that can be easily guessed (Your pet’s name, your dream car, your favorite vacation spot) |
| Not be a word that can be found in any dictionary of any language. |
| Contain at least 8 characters. |
| Use numbers, punctuation, and both uppercase and lowercase letters. |
| Not be the same as any password you use for anything else. |
Always memorize your password and do not write it down.
Secure your computer
There are certain precautions you should take to help ensure that your computer is safe from viruses or hackers:
| Keep your operating system and browser up to date. If you use Windows, visit the Windows Update site regularly. If you use a Macintosh, choose "Software Update" from the Apple menu. If you use Linux or other operating systems, visit the vendor’s web page for specific security information. |
| Use up-to-date Anti-Virus software. There are several very good Antivirus programs. Any of them are fine; the important thing is to use it regularly and keep it up to date. |
| Use a personal firewall. |
| Consider using secure browser software like Firefox. |
You can find more tips about computer security from US-CERT, and Microsoft.
Be aware of Spyware
Spyware is a general term used for software that is loaded on to your computer without your knowledge. It collects personal information about you and your internet browsing habits in order to launch popup ads or change the configuration of your computer. You might have spyware if:
| You see endless pop-up ads even when you're not on the Web |
| Your home page has changed without your knowledge |
| You are redirected to web sites different then what you typed into your browser |
| New, unexpected toolbars appear in your web browser |
| New, unexpected icons appear in the task tray at the bottom of your screen |
| Your computer or web browser seem slower |
| You experience a sudden rise in computer crashes |
You should check your system for spyware regularly. We recommend that you install, use and regularly update Lavasoft Ad-Aware, Spybot Search & Destroy and Microsoft AntiSpyware. All are free for downloading. You can find more information about Spyware from the FTC, US-CERT or Microsoft.
Return to top of page
Last modified: 28 July 2006
Why Us | Site Map | Legal | Privacy | Security | Advertising | Discounts | Rewards | Contact Us | ©2008 Natural Health Formula, Inc.
The information provided on
this site is intended for your general knowledge only and is not a substitute
for professional medical advice or treatment for specific medical conditions. The
information on this website is not intended to diagnose, treat, cure or prevent
any disease.
Always seek the advice of your qualified physician or other health care
provider with any questions you may have regarding a medical condition. Never disregard or delay in seeking medical advice because of
something you have read on this site. MyHealthMyWorld is a registered trademark of Natural Health Formula, Inc. All rights reserved.
| 
Email a friend
Contact MyHealthMyWorld