Security and Your 340B Pharmacy Partner

July 18, 2021

You don’t have to go far to see, hear, or worse, experience some form of Cyber/Technology Security Breach. It’s a scary fear and can escalate quickly, affecting thousands if certain measures and protocols are not put in place for proactive protection as well as reactive.

Of course, one that hits close to home is that attack on another pharmacy partner. This ransomware attack affected over 1.6 patients nationwide and the actions to remedy this are still ongoing.

Nuvem feels that it is imperative to educate Covered Entities on the importance of instituting the highest level of data security and review what your organizations should be implementing, what we here at Nuvem do to go a step further. You should expect nothing less from your current TPA.

What is Data Integrity?

  • Integrity means the property that data or information have not been altered or destroyed in an unauthorized manner.
  • Trustworthiness of information over its entire life cycle.
  • Data reflects the “what” from beginning to end.
  • From onset (encounter, visit, admission) to primary and secondary uses of the same data.
  • As data structure might change, the data continues to reflect the what.
  • Uniform, trustworthy, complete, unchanged meaning, secure.

Nuvem adopts the highest security and privacy protocols to protect health information and the data of our customers. Security is EXTREMELY important to Nuvem. We are SOC 2 certified and perform an annual HIPAA Assessment and Penetration Test. For access to any of Nuvem technology solutions, we provide all covered entities and pharmacies with an individual login and password to our software solutions. Usernames and passwords are in created according to HIPAA protocols

Processes, Policies and Procedures

Formal policies and procedures exist that describe logical access, information security, user data confidentiality, risk management, disaster recovery, and change management. All Nuvem personnel adhere to the policies and procedures that define how services should be delivered. It is an employee policy that we take incredibly seriously and actively test.

Data Encryption

Nuvem is committed to protecting the ePHI of its clients and expects all its employees to demonstrate a similar commitment. We recognize that compliance with the HIPAA Security Rule is not a onetime event but rather a continuous process. We encrypt data both in-transit and at-rest as required by both HIPAA and HITRUST protocols. For encryption between the front-end application to the end user we are using SSL certificate from an authorized CA.

Anti-Virus & Intrusion Detection

Nuvem protects its systems against infection by computer viruses, malicious code, and unauthorized software by implementing antivirus software. Antivirus software is typically installed on servers, workstations, and laptops to detect and prevent the transmission of data or files that contain certain virus signatures recognized by the antivirus software.

Virus signatures/definitions are automatically updated and the antivirus solution is configured for live protection and real-time scanning. We maintain control of our protection by restricting the ability to administer the antivirus solution to authorized personnel only.

An Intrusion Detection System (IDS) solution is deployed to automatically detect threats and suspicious network activity. The IDS is configured to report on any intrusions identified by the firewall. The ability to administer the firewall is also restricted to authorized personnel.

We understand that this is not only a fearful topic, but one that can be overwhelming – but it is something that your organization needs to consider and scrutinize your current provider’s policies and security tools. We are happy to set-up a call or meeting to diver even deeper into this topic.

Stay in the Know

Subscribe to our newsletter for the latest resources straight to your inbox!



2023 Industry Year in Review


Nuvem’s 2023 in Review


Why Are Community Health Centers So Important?

Think Big. Move Forward.

Don’t Take Our Word for It… Take Theirs.

Nuvem is one comprehensive solution and streamlined experience for the industry’s leading client and compliance support.

“Since the pandemic began, with the partnership of Nuvem, both our in-house pharmacy and contract pharmacies have grown to be 60% of total revenues. If not for this stable revenue base, we would have had to furlough staff and/or significantly reduce office hours.”

Chief Financial Officer

Community Health Center

“Your entire team has a wealth of experience matched with a caring heart and a fierce determination which has enabled you to accomplish so much and I thank you for sharing that well earned insight.”

Executive Director, Health Center

Brooklyn, NY