- Where is all the data stored? (Local Server-in house, Service Provider, Cloud Storage…)
- Is the data on the storage devices encrypted?
- Who has access to the stored data?
- Have non-disclosures been signed by access personnel?/
- What considerations have been given for HIPAA laws with regard to medical documents?
- How often is your software audited for legal compliance as private data that can be used for identity theft is stored in your tables?