top of page
Privacy, Security & Responsible Disclosure
Privacy and Security

Commitment to Privacy & Security

At Scripta Insights, Inc. (“Scripta Insights”), we are committed to creating and maintaining a secure, private, and safe environment for our customers. The privacy, security, and safety of our customers is our top priority and we strive to maintain the trust and confidence that our customers place in our company.
 

We commit to:

  • Maintaining administrative and logical safeguards to protect the security and integrity of the Company

  • Using formal access management processes for the request, review, approval, and provisioning of Company's personnel with access to production systems

  • Using formal HR processes, including background checks, security awareness training, security and acceptable use policy, and a formal code of conduct  

  • Using commercial industry standard secure encryption methods to protect customer data at rest and in transit

  • Maintaining secure software development processes to ensure consistent quality that goes across policy, people, processes, and technology

  • Employing a dedicated product security incident response team that follows industry best practices in managing and responding to security vulnerabilities to minimize customers’ risk of exposure

  • Maintaining anti-virus protection, performing vulnerability scanning, and conducting periodic penetration testing to detect and prevent security vulnerabilities from being introduced into production systems
     

Responsible Vulnerability Disclosure Policy

Scripta Insights recognizes and values the vital role that that the information security community and independent security researchers play in assisting us in keeping our products, services, and technology secure. If you are a security researcher and discover a vulnerability, we sincerely thank you for your help in disclosing it to us in a secure and responsible manner.

Responsible Disclosure

Scripta Insights will engage with security researchers when vulnerabilities are reported to us in accordance with our Responsible Vulnerability Disclosure Policy (our “Policy”). Our Policy applies to any public-facing system owned, operated, or controlled by Scripta Insights. This Policy describes how to responsibly inform us of a potential security vulnerability and our guidelines for the security researchers who participate in our vulnerability disclosure process. Reports submitted to Scripta Insights in good faith and pursuant to this Policy, will be handled appropriately and kept confidential where permitted by law. 

Guidelines

Security researchers must adhere to the following:

  • All applicable laws and regulations. 

  • This Policy. 

  • Our Terms of Use.

  • Report all vulnerabilities promptly. 

  • Avoid violating the privacy of any individuals. 

  • Communicate with us in a secure manner as described below. 

  • If a vulnerability provides unintended access to data, security researchers are required to limit the amount of data accessed to the minimum required for effectively demonstrating a proof of concept, and to cease testing and submit a report immediately if any customer data during testing, such as Personally Identifiable Information (PII), Protected Health Information (PHI), credit card data, or proprietary information is discovered or encountered.

​

The following activities are not permitted:

  • The performance of disruptive testing such as load or performance testing, including Denial of Service attacks, attacks or actions that attempt to interfere with the confidentiality, integrity, availability, or operation of our websites, mobile applications, platform, and/or software. If you notice that any action you have taken degrades the performance of our systems, immediately stop. 

  • Social engineering or phishing of our employees or individuals associated with Scripta Insights.

  • The altering of any of the content on our websites, applications, or social media accounts. 

  • Retaining any of our customer’s data that was accessed as a result of any vulnerability testing. 

  • Posting, transmitting, uploading, linking to, sending, or storing any malicious software. 

  • Conducting testing that results in the transmission of unsolicited, junk, spam, or unauthorized e-mails.

  • Testing any third-party applications, websites, or services that integrate with or link to our website, applications, or services. 

  • The testing of any physical office access (doors, tailgates, windows, metal detectors…etc.).

  • The attempted or actual alteration of account privileges or login credentials.  

  • Extortion.

How to Report

  • Please promptly share the details of the potential security vulnerability with our team by e-mailing us at help@scriptainsights.com. Please note that this e-mail address is intended only for the purposes of reporting potential vulnerabilities and not for technical support or for information on our products or services. 

  • In your e-mail, please provide the time, date, operating system, platform and browser used, and other details sufficient to enable us to reproduce the vulnerability. 

  • To ensure confidentiality, we ask that you encrypt any sensitive information you send us via e-mail. 

  • Please do not disclose the issue to the public or any third party, until we have had a reasonable opportunity to assess, understand, validate, and resolve the vulnerability and we have communicated to you in writing that you may disclose this issue.

  • We will attempt to review and respond to your report as soon as possible. 

  • After your e-mail is received, a member of our team may follow up with you to discuss your report. 

Our Promise

Scripta Insights will work to understand and verify vulnerabilities and any potential impact. If we believe that the privacy, security, or safety of our customer’s information is impacted, we will work to develop a solution and take all actions we deem appropriate. We reserve the right to determine or delay the release of any advisory or to not issue an advisory at all. All aspects of this Policy and process are subject to change without notice. There is no guaranteed response or action for any specific type or class of issue reported.

Scripta_Logo_NavigationTag_White.png

40 Grove St, Suite 270
Wellesley, MA 02482

info@scriptainsights.com

  • LinkedIn - White Circle
  • YouTube - White Circle

ABOUT

TEAM

SOLUTIONS

TECHNOLOGY

SCRIPTA NEWS

IN THE NEWS

MEET SCRIPTA

RESOURCES & TECH SUPPORT

BOARD

EMPLOYERS

PRESS RELEASES

FAQs

P&T COMMITTEE

CONSULTANTS

EVENTS

CASE STUDIES

TPAS

HEALTH PLANS

INSIGHTS

BLOG

MEMBER SUPPORT:

(866) 572-7478
help@scriptainsights.com

DOWNLOAD THE FREE SCRIPTA  MEMBER APP

google-play-badge_English_edited.png

© Copyright Scripta Insights, Inc. 

CAREERS

PRESS

CONTACT

PRIVACY

SECURITY

TERMS OF USE

Scripta™ is neither a pharmacy nor a doctor. The benefit service does not tell you what drug to take and does not participate in the drug selection process. Only your physician can determine the medications that are right for you. These alternative medications are options for less costly drugs that physicians may prescribe in place of the medications you are taking now. Scripta has reviewed your current medications only for the purpose of identifying potential cost savings for you to consider with your physician. Scripta has not analyzed the effectiveness or other therapeutic aspects of these medication alternatives. Accordingly, this report and any other forms of communication received from Scripta are not, nor should they be interpreted as, any form of treatment, drug regimen review, or provision of counseling or consultation by a prescriber, pharmacist or pharmacy. Do not stop taking your medication, change your medication, or start taking a new medication without being directed to do so by your physician and filling the prescription under the oversight of a licensed pharmacist. The alternatives set forth above may not be equivalent to your current medication, may interact adversely with your other medications, may not be indicated in light of your other conditions, may cause different or severe side effects, or may be less effective at treating your condition. Medication prices are approximate based on information provided by your pharmacy benefits manager, insurance plans, and/or employer, and may vary from pharmacy to pharmacy. Check with your insurance plan to obtain a full list of pharmacies where your prescriptions can be filled. All information herein is HIPAA protected, treated as highly confidential, and never shared with your employer.

​

Scripta™, Scripta Insights™ and The Best Meds at the Best Price® are registered trademarks of Scripta Insights, Inc. The contents of the site are for informational purposes only and not intended as a substitute for professional medical advice, diagnosis, or treatment. We do not recommend or endorse any specific prescription drug or pharmacy that may be mentioned herein. Reliance on any information provided by us, our affiliates, employees or others is solely at your own risk.

bottom of page