SSL Technology and How You Benefit From It
At WebMD, we know security and privacy are important to you. We have taken steps to make sure that the personal or confidential information you have stored at WebMD is safe.
When your Personally Identifiable Information (PII) is sent to us, we require that a "secure session" is created, using Secure Sockets Layer (SSL) technology. This is done anytime you supply or access personal information on WebMD.
SSL technology creates a secure connection between the computer you are using and WebMD servers.. The SSL technology encodes or encrypts information as it is being sent over the Internet between your computer and WebMD, helping to ensure that the transmitted information remains secure.
The use of SSL requires two components: an SSL-compatible browser and a Web server to perform the "key-exchange" that creates a secure connection to WebMD.
The requirements needed for SSL technology to work include:
- 1A Compliant Browser - You will need a browser with SSL capabilities. Examples of SSL browsers include, Mozilla FireFox, Microsoft's Internet Explorer, AOL Opera, and Apple Safari (Note that some older versions of browsers will not support SSL sessions). If you don't already have a browser with SSL capabilities, you can download an SSL-compliant browser from the Internet. Examples of compliant browsers include:
In order to securely access your personal or confidential information via the Internet, we recommend you always use the newest browser versions that your personal computer will support.
- 2A Compliant Internet Service Provider - Nearly all Internet service providers (ISPs) should automatically enable the SSL session described above. If you use your company's internal connection to access the Internet and you cannot access the WebMD secure pages with an SSL browser, your company may be blocking access via a "firewall."
Please speak to your company's Internet systems administrator for details on your network's Internet access.
- 3Enabled Cookies - You also must have cookies enabled on your browser in order to use some of the features on WebMD. If you have chosen to disable cookies on your browser, you may not be able to access certain features on our Site.
In addition to SSL technology, WebMD has two geographically separate facilities, each with their own set of servers. When we have to perform maintenance on one set of servers, your data will be available from the second (redundant) location. This also provides you further assurance that your data is kept safe and secure in the unlikely event that we have server problems at one of our locations.
User ID and Password
WebMD requires the use of a User ID and Password as a security measure that helps protect your confidential information. This allows WebMD to verify who you are, and allows you access to your account information and prevents unauthorized entries. When you have finished using WebMD, make sure you always log out and close your browser window.
Browser software often "caches" a page when you look at it, meaning that some pages are saved in your computer's temporary memory. Sometimes, clicking on your browser's "Back" button shows you a saved version of a page you have viewed previously. While caching is common on most Internet sites, WebMD Health Manager does not cache your pages. Caching in no way affects the security of your confidential User ID or Password. If you use a computer in a public place to access your account information, simply quit or exit the browser software before leaving to remove the possibility of anyone else viewing your confidential information.
WebMD uses the latest technology to protect your stored information. We use firewalls at many levels to prevent unauthorized Internet users from accessing our systems. All messages entering or leaving our system pass through these firewalls and are examined according to certain security criteria we have in place. If the defined criteria are not met, the message is blocked. A firewall is considered a first line of defense in protecting private information.
How You Can Protect Yourself
WebMD can help ensure that the information you store in our system is kept safe and secure, but we cannot protect your computer or the connection you make to the Internet. Here are a few steps you can take to help make sure that your computer connection remains safe from unauthorized intruders via the Internet:
By making your password at least 8 characters long and by mixing both numbers and letters, you can help WebMD Health make your password even more difficult for an unauthorized user to "guess". It is recommended that you change your password at least every 6 months.
Your login name, combined with your password, provide you access to your WebMD member areas. Along with your password, your username is the secret name you will use to access the member areas of WebMD. Your username can be any name you choose and must be at least six characters, and it may contain any combination of letters or numbers. Access to member areas of WebMD Health requires both a username and a password. Keep in mind that the longer your password is and the greater mixture of letters and numbers you use (alpha-numeric), the more difficult it will be for an unauthorized person to "guess".
Much like the firewalls that WebMD uses to protect your data, a personal home firewall will help protect your home computer from unauthorized access entering your computer from the Internet. There are many home computer firewall programs available.
Virus and Spyware Protection
Also called adware or malware, spyware is any software that secretly gathers information through your Internet connection without your knowledge, usually for advertising purposes. Spyware applications are usually bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet.
When you download the program and allow it to install on your computer, spyware monitors your activity on the Internet, possibly including email addresses, passwords, or credit card numbers. Spyware can transmit that information, in the background, to someone else who will either use it for advertising/marketing purposes or sell the information to another party.
WebMD does not endorse any specific product or service, but we have listed examples of spyware detection and removal software for your review. It should also be noted that a personal firewall may help detect and prevent spyware programs' attempts to communicate to or from your personal computer.
ESET Smart Security – www.eset.com/solutions/index.php
Lavasoft Ad–aware – www.lavasoftusa.com
Spybot S&D – www.safer-networking.org
At the time this document was updated, there were more than 6,000 known computer viruses. Every computer should have a virus detection program running as well as personal firewall software. Your local computer store can help you select a program that is right for you. WebMD does not endorse any specific product or service, but we have listed examples of virus protection software for your review:
Symantec antivirus product page – www.symantec.com/avcenter/index.html
McAfee virus information home page – www.mcafee.com
Malwarebytes – www.malwarebytes.org/index.php
Also, a list of downloadable virus software can be found at: cws.internet.com/virus.html
How We Use Your Personal Information
Once you've become a registered WebMD member, we use your personal information to deliver products and services that you enroll in and to process transactions you request on our web site.
How We Use Your Email Address
We may use your email address to send you the following types of email messages:
- Occasional updates about our products and services as well as WebMD marketing offers (based on your Opt-in Preferences)
- Regularly scheduled email newsletters you have enrolled in
- Alerts and Reminders that you have signed up for or that are appropriate per your preferences
- Newsletters that are appropriate per your preferences
- Service notifications related to your account(s) and changes on our site that you should be aware of
These email messages may contain web beacons to count and measure effectiveness so we know how to serve you better. We do not collect personally identifiable information through web beacons or cookies. You may decline to receive email offers from WebMD at any time.
We do not share your email address or any Personally Identifiable Information we have about you with other companies for them to market their products or services to you. If we hire vendors to deliver emails to you on our behalf, they cannot use your email address for any other purpose.
Last Updated: November 22, 2011
© 2011 WebMD, LLC. All rights reserved.