American Well Hosting Operations Guide for AmWell Customers

Version 7.0

October 31, 2016

Copyright © 2016 American Well / Confidential

Contents

Introduction
    Scope and Purpose
    Document Change Control
Description of Services
    Data Center Locations
    Backup Services
    System Monitoring and Alerting
    Hosting Operations Audits
Service Level Commitment
    System Availability
    Definitions
    System Maintenance & Continuous Delivery
    Version Support
    Service Level Exclusions
Hosting Security Practices
    Physical Security
    System Security
    Network Security
    Security Incident Reporting
Software Maintenance and Support
    Definitions
    Maintenance Responsibility
    Support Responsibility
        Level 1 and Level 2 Support
        Third Party Content and Services
    Error Classification, Reporting and Response
        Error Classification
        Error Reporting and Response
    Escalation Procedures
    On-Site Support
    Documentation
    Customer Error Reporting Guidelines

Introduction

Scope and Purpose

The purpose of the American Well Hosting Operations Guide is to define the processes and rules that American Well follows in order to effectively manage hosting, support and maintenance service for its customers. This guide includes information about American Well’s scope of hosting services, service level commitments, escalation procedures, and other support obligations. It is intended to provide guidance for the American Well operations and support teams, and information for customers’ technical operations teams.

The primary objectives of this guideline are to:

- Establish practices that govern the delivery of hosting, support and maintenance services.
- Promote the security of information stored within the American Well System.
- Promote compliance with all local, state, and federal statutes related to information protection.

Document Change Control

Revisions to the American Well Hosting Operations Guide are subject to document change control. Changes to this document must be approved by the American Well Senior Vice President of Hosting. Notification will be made to clients within 30 calendar days of any material change to the Guide.

| Date | Version | Comments |
|---|---|---|
| 10/2012 | 1.0 | Initial version for AmWell Customers |
| 2/2013 | 1.1 | Updates for 2013 |
| 6/2014 | 5.0 | Changes to match EE version |
| 6/2014 | 5.0.1 | Minor changes to match EE version |
| 5/2016 | 6.0 | Changes to patch, upgrade and other sections |
| 6/2016 | 6.01 & 6.02 | Minor corrections |
| 7/2016 | 6.1 | Updates to support section |
| 10/2016 | 7.0 | Updates |

Description of Services

Data Center Locations

American Well delivers hosting services from sites located in the United States which are SSAE 16 SOC 1 Type 2 or SOC 2 Type 2 certified or certified under another equivalent standard. Currently, services are delivered from one or more of the following locations. Our services may be offered out of any of the three sites at any time.

- Santa Clara, CA
- Andover, MA
- Honolulu, HI

In no event shall such hosting sites, primary, backup, DR, or otherwise, be located outside the United States.

American Well will provide instances of its system, as follows:

- 1 Production instance
- 1 Disaster Recovery instance

Backup Services

Customer data is backed up to disk daily, encrypted, and delivered off-site at least once daily (Monday through Friday) to a secure remote-site facility. American Well stores no more than one year’s worth of offsite backups at any given time.

System Monitoring and Alerting

American Well maintains multiple system monitoring and alerting tools, both local and remote, to detect and notify the Hosting Operations team about resource utilization, component and system failures and other potentially service-impacting events. Alerts are monitored 24x7x365 by our Cyber Command Center.

Hosting Operations Audits

American Well conducts internal audits relating to the hosting services on a regular basis. These audits are based on standards such as HITRUST CSF, HIPAA, PCI DSS and/or other applicable standards. The content and format of these audits may be changed at the discretion of American Well.

Service Level Commitment

System Availability

American Well provides a System Availability target of at least 99.9% during each calendar month. The Uptime Percentage is calculated by dividing Uptime Hours by the Base Hours and multiplying the result by 100. These calculations are made on a calendar month basis with service availability measured to the hundredth of an hour and hundredth of a percent of system availability (e.g. 719.50 Uptime Hours or 99.93% availability).

Definitions

For purposes of this calculation, American Well uses the following definitions.

Base Hours

“Base Hours” are the total number of hours during a calendar month.

Downtime

“Downtime” occurs when some or all major functions of the American Well System are inoperable or inaccessible. Downtime does not include periods of scheduled or emergency maintenance, single periods lasting less than 10 minutes, or periods of inoperability or inaccessibility to the extent caused by one of the defined Service Level Exclusions. For the purpose of calculating System Availability, downtime begins at the moment a Severity 1 Error is reported to American Well.

Uptime Hours

“Uptime Hours” are determined by subtracting the total Downtime from the Base Hours.

System Maintenance & Continuous Delivery

American Well employs a continuous delivery process wherein software updates and patches are regularly deployed to ensure feature and patch currency. These changes are applied through an automated system and may happen at any time during the month. Any potentially service-impacting updates are applied during regular maintenance windows, typically during the overnight hours. The maintenance will typically not exceed 8 hours per calendar month. In scheduling maintenance windows, American Well endeavors to minimize the impact on all of American Well’s customers’ business operations, taking into account in particular the peak times of usage of each customer.

Version Support

American Well shall provide the support and maintenance services described in this Guide for the most recent major release of the American Well System. In addition, American Well will provide support and maintenance services for the next most recent release of the American Well System for up to 120 days after release and general availability of a more current version. American Well may provide minor upgrades to the American Well System during scheduled maintenance.

Service Level Exclusions

Events or factors outside of American Well’s control may impact American Well’s ability to achieve the target Service Levels. American Well shall not be responsible for any failure to meet the service level commitments set forth above if the failure is due to:

- A customer’s acts or omissions, including any customer misuse or abuse of the American Well System or use in violation of the customer agreement or terms of use.
- Viruses, malware or malicious code (given American Well has applied generally available and approved security definitions as soon as is practicable).
- Violations of the Terms of Use or malicious attacks on the American Well System.
- Any cause beyond the reasonable control of American Well, so long as American Well takes prompt measures to address such causes and notifies Customer thereof.

Hosting Security Practices

American Well maintains a comprehensive Information Security program to protect the systems and information under its control. This program includes protections in the following areas.

Physical Security

Physical access to American Well’s data center facilities is restricted to authorized personnel only. Where co-location services are used, access to the cages where American Well customer information is processed is restricted to those personnel specifically authorized by American Well. Access to the data center buildings is limited and non-employees must be escorted by building security and/or American Well approved personnel. Access to the American Well secure areas is controlled by a combination of physical and electronic locks and requires photo identification and a user-specific password. All access to these areas is logged and recorded for audit purposes.

System Security

All remote administrative access to the systems behind American Well firewalls requires authentication procedures. Authentication is implemented using a minimum of username and password verification, and where required, two-factor authentication. American Well policies require controls to ensure that passwords are sufficiently complex to reduce the effectiveness of “dictionary attacks” used to crack these passwords. All system access except that which is absolutely necessary to utilize and administer the American Well System is configured by American Well to prevent an intruder from gaining access to the system. All requests which are denied access may not receive any information about the American Well hosting configuration. American Well will track and implement applicable security patches and updates to all software products used in the American Well system, including but not limited to operating systems, database management systems, third party products, firewalls, anti-virus software, anti-virus signature/definition files, intrusion prevention and detection software or firmware used in networking equipment. Unless otherwise required, these changes shall be applied during scheduled maintenance.

No third party may have access to customer Protected Health Information (PHI) or Personally Identifiable Information (PII) without proper consent. American Well’s obligations regarding use of, access to and transmission of PHI are set forth in the Business Associate Agreement between American Well and the third party.

Network Security

The American Well network contains security devices which have been configured to permit only the protocols necessary to allow the American Well System to function. All other protocols are explicitly denied. Monitoring procedures of the security devices are designed to inform American Well of unauthorized access or otherwise suspicious attempts to gain access to secured portions of the system across the network.

Security Incident Reporting

American Well will use commercially reasonable efforts to investigate, respond to and terminate any security breaches or compromises.

Subject to restrictions imposed by law enforcement or applicable law or regulations, American Well will report any confirmed security breaches or compromises to impacted customers within one business day following the day on which American Well qualifies the occurrence, not to exceed 5 business days following its knowledge of the event, or earlier if required by applicable law.

To the extent known, American Well will present the impacted customer with documentation of the cause, remedial steps, and future plans to prevent a recurrence within 5 business days following the day on which American Well has knowledge of and qualifies the occurrence of the security breach or compromise.

Software Maintenance and Support

Definitions

Documentation

The “Documentation” is the published material authorized and distributed by American Well that describes the American Well System, and the installation and use of the American Well System.

Enhancement

An “Enhancement” is a change or addition other than an Error Correction that improves the function, adds new function or substantially enhances the performance of the American Well System.

Error

An “Error” is a reproducible defect in the American Well System that results in the American Well System not functioning in material conformity with the Documentation.

Error Correction

An “Error Correction” is a change to the American Well System or the Documentation, or a workaround, that is in a form that allows its application to the American Well System or inclusion in the Documentation to re-establish material conformity with the Documentation.

Level 1 Support

“Level 1 Support” is the service provided in response to the initial phone or other inquiry call placed by a user which identifies and documents a suspected Error in the American Well System. This includes, but may not be limited to, call-logging and validation, problem source identification assistance, problem analysis, problem resolution, and preventive and corrective service information.

Level 2 Support

“Level 2 Support” is the service provided to analyze or reproduce the suspected Error or to determine that the suspected Error is not reproducible and to resolve the reproducible Error. This includes, but is not limited to, problem recreation, in-depth technical analysis and problem resolution and passing the reproducible Error to Level 3 Service with proper documentation that proves the Error exists.

Level 3 Support

“Level 3 Support” is the service provided to resolve reproducible Errors that are determined to be, or are highly probable to be, the result of a defect in the American Well System, and which requires design engineering knowledge or expertise to isolate and resolve.

Maintenance Responsibility

American Well will provide customers who subscribe to, and are current with respect to paying for, Maintenance and Support with updates to the American Well System containing Error Corrections and/or minor or major Enhancements. American Well will make these Error Corrections and Enhancements generally available to all American Well hosted customers who are current with respect to billing at or around the same time. American Well will, at no additional cost to its hosting services customers, install Error Corrections and Enhancements on behalf of those customers. American Well will perform any additional implementation and configuration in accordance with a Statement of Work at American Well’s then current rates. All Error Corrections and Enhancements are owned by American Well, deemed part of the American Well System and licensed to customers in accordance with the terms and conditions of the applicable license agreement.

Support Responsibility

Level 1 and Level 2 Support

Level 1 Support personnel handle all interactions with end users. American Well provides Level 1 Support to all Customers with a current Maintenance and Support agreement. American Well also provides Level 2 and 3 Support where more technical expertise is required.

Third Party Content and Services

American Well maintains support and maintenance arrangements with third parties that provide content or software for the American Well System. When there is a problem with a third party component which affects its Customers, American Well works with the applicable third party in accordance with American Well’s arrangement for maintenance and support with that third party and provides support and maintenance for such component pursuant to such terms.

Error Classification, Reporting and Response

Error Classification

American Well shall respond to reported Errors according to their severity, as classified in accordance with Table 1.

Table 1 - Error Classification

| Severity | Criteria |
|---|---|
| 1 | An Error that results in catastrophic failure of the American Well System or poses a significant, imminent risk to protecting the privacy of Protected Health Information. |
| 2 | An Error that results in the American Well System being usable, subject to major restrictions on its essential workflows, for which there are no workarounds. |
| 3 | An Error that results in the American Well System being usable, subject to major restrictions on its essential workflows, for which there are available workarounds, or an Error that disables non-essential workflows, regardless of whether a workaround exists. |
| 4 | An Error that results in inconveniences of the American Well System, which are not critical to its operation and for which there are workarounds. |

Error Reporting and Response

Customers should report Errors in accordance with the standard reporting procedures described in Table 2 below. Errors that are properly reported to American Well will be acknowledged by American Well’s support team, who shall assess the Error and initiate appropriate corrective action by American Well if needed.

Table 2 - Error Response

| Severity | Error Response |
|---|---|
| 1 | Error reports will be acknowledged by American Well within one hour. The issue will be worked on consistently until an official fix or adequate workaround is available. An action plan will be provided within 2 hours, if requested. |
| 2 | Error reports will be acknowledged by American Well within 4 hours. The issue will be worked on consistently during office hours until an official fix or adequate workaround is available. An action plan will be provided within 24 hours, if requested. |
| 3 | Error reports will be acknowledged by American Well within one business day. Commercially reasonable efforts will be made to address prior to the next official release. An action plan will be provided within 10 business days, if requested. |
| 4 | Error reports will be acknowledged by American Well within one business day. Commercially reasonable efforts will be made to address by the next official release. |

Escalation Procedures

In the process of resolving Severity 1 and 2 Errors, American Well will provide regular progress updates to the impacted customer. In addition, American Well and the impacted customer will each designate a representative to be available by cell phone outside of regular business hours in order to confer regarding the resolution process.

Table 3 - Escalation Procedure

| Severity | Criteria |
|---|---|
| 1 | If an action plan is not provided within 2 hours of a request: Account Manager; if an action plan is not provided within 12 hours: Vice President; if an action plan is not provided within 24 hours: Executive Vice President |
| 2 | If an action plan is not provided within 24 hours of a request: Account Manager; if an action plan is not provided within 48 hours: Vice President; if an action plan is not provided within 72 hours: Executive Vice President |

On-Site Support

All support efforts will be performed on American Well’s premises. Should any on-site effort be required, customers agree to pay American Well all travel expenses at American Well’s then per-diem rate unless such on-site support is the result of an Error. All expenditures will be approved by the customer in advance.

Documentation

Following an Error Correction or Enhancement, American Well shall supply customers with a copy of any applicable modifications, supplements, or new documentation versions as soon as they are available.

Customer Error Reporting Guidelines

American Well’s obligations in the event of an Error are subject to its customers’ adherence to the following guidelines:

- Customers must provide American Well all information necessary for diagnosis of Errors within the response times set forth above.
- Customers, where appropriate, must provide experienced IT professionals and/or technical service representatives to collaborate with American Well on troubleshooting and reporting Errors.
- American Well may not be able to fix all Errors, and may instead provide a workaround to an Error in lieu of a fix. If American Well is asked by a customer to work on an issue that is not an Error, customer shall reimburse American Well at American Well’s then current time and material rates for all work of American Well spent investigating any issues that were not Errors.
