and Security Policy
The Extract Lab System hereafter referred to as Extract Lab creates audit trail
logs to proactively monitor all activities on the system. All access to
individual records, including user information accessed, date and time of
access, and action performed (write, edit or delete) may be audited routinely
to ensure compliance with USACAEL policy. Analysis can identify usage patterns and
all breaches of information security, leading to corrective action to prevent
Extract Lab collects information about your use of this site through the use of
“cookies.” Cookies are small bits of information that the system transfers to
your computer’s hard drive that allow us to know how often you access the
system and the activities you conduct while in the system. The
system automatically assigns unique cookies.
Your browser software can be set to reject all cookies. Most
browsers offer instructions on how to reset the browser to reject cookies in
the “Help” section of the toolbar. If you reject our cookie, certain functions
and conveniences of this site may not work properly.
Extract Lab uses Secure Socket Layer (“SSL”)
encryption technology when transmitting all information to the server. SSL
helps to ensure the integrity and privacy of personal information during
transmission. Encryption involves systematically scrambling numbers and
letters, so that even if someone managed to intercept the information, they
would not be able to make sense of it. In order to take advantage of this
encryption technology, you need to have an Internet browser that will support
128-bit encryption, such as Netscape or Microsoft Explorer.
Authorized users rely on unique user identifications and
passwords to access Extract Lab. The
Extract Lab administrator assigns access privileges to Extract Lab on a
“need-to-know basis” and access by each user is documented.
Facilities and Physical Security
Extract Lab web-hosting servers
operate from a secure facility operated by the Walter Reed Army Medical
Center's Department of Information Management. Physical
security safeguards are in place to protect against environmental hazards, such
as a fire or a flood, and against theft and unauthorized access to the hardware
components of Extract Lab.
Only to the extent permitted by the regulations promulgated by
the U.S. Department of Health and Human Services under HIPAA, the VHC may at
times aggregate de-identified personal information and may compile and
distribute statistical analyses and reports utilizing aggregated data derived
from this information. Any information that can be traced back to an
individual, including, for example, name, address, telephone numbers and e-mail
addresses, will not be included in the aggregate data.
Unauthorized attempts to upload information or change
information on Extract Lab are strictly prohibited and may be punishable under the
Computer Fraud and Abuse Act of 1986 and the National Information
Infrastructure Protection Act