We follow the best practices in security (as per HIPAA Security Compliance). We use a respected, secure hosting provider for the site. which has signed a HIPAA compliance agreement and earned SAS Type II certification. We also use state of the art firewalls for our production servers, and our systems have been developed to prevent the most common security vulnerabilities. For secure browsing, we use 128-bit SSL encryption using Verisign certificates. Finally, when we do any testing and development work to the site, we use sanitized versions of the site, with all personally identification information stripped out.