Securing sensitive data
Data security is an ongoing concern these days, and because LumenVox software is used in a wide variety of diverse applications, including those that process patient information, banking information and other personal or otherwise sensitive data, we have added a number of security features to our products.
When considering data security, there are a number of specifications already in widespread use, which offer guidance in such things. Specifically, the Payment Card Industry Data Security Standard (PCI DSS), for organizations that process cardholder information relating to the major credit, debit and similar charge cards. In addition, Title II of the Health Insurance Portability and Accountability Act (HIPAA) defines policies and procedures for maintaining the privacy and security of personally identifiable health information. General Data Protection Regulation (GDPR) is also a key framework to followed to ensure data protection. These three guidelines, in addition to close cooperation with key customers have been, and continue to be the main drivers when implementing LumenVox security features within our products.
Whenever developing any application, not just applications using LumenVox technologies, it is important to be aware of potentially sensitive data that may be associated with the application, such as credit card information and other sensitive data. This is of particular importance when working with PCI or HIPPA compliance.
By taking these things into consideration when developing applications at the core level, it is possible to identify and describe whether and where any sensitive data is.
LumenVox products are used in a large number of diverse applications, from simple demonstrations to integrated banking applications, and as such, there is the possibility that sensitive data may pass through LumenVox software. It is essentially impossible for the software to know whether any data should be considered sensitive or not, so the application developer has a responsibility to understand what the risks are and determine whether data being processed could be considered sensitive, and more importantly, take measures to limit exposure of that data.
Developers can utilize some of the built in features of LumenVox software to help control this exposure when needed.
The LumenVox PCI/HIPAA Best Practice Recommendations guide is aimed at helping application developers and IT managers in protecting and securing sensitive data, by identifying areas of LumenVox software that might be exposed to sensitive data, and also which features can be used to mitigate the risks of this exposure. In addition, this guide described PCI DSS, GDPR and HIPAA compliance as it relates to LumenVox products.
LumenVox continues to push development efforts towards adding more features to make speech application development easier and more flexible as well as more secure..
Below are some links to specific security related features and articles that can be used as a reference when considering application and data security when working with LumenVox products.
Attachments
LumenVox-PCI-HIPAA-Recommentations.pdf This is for on premise or client hosted installations | 0.6 Mb | Download File |