Access to MHS online services via the MHS Online Assessment Center+ is restricted to qualified users and requires an ID and password. Registration of MHS customers or their designated users (examiners) includes defined user qualification levels (see Users and User Qualifications in chapter 1, Introduction and https://mhs.com/who-can-order/). All CAARS 2 data are stored in an industry-standard secure database. Access to these data is strictly controlled. A temporary password initially provided by MHS must be changed upon initial login to the MHS Online Assessment Center+. MHS Technical Support can reset a password at the request of the customer.

The CAARS 2 reports are scored by a separate secure scoring server controlled by MHS with an advanced level of security protection. MHS protects the personal data (e.g., name/ID, gender, and date of birth) of all test raters, clients, and users, as well as the data collected via electronic commerce interactions, with the highest levels of security. The data collected are stored in a secure database with a third-party vendor located in the United States that provides 24/7/365 security services and complies with various regulatory bodies such as ISO27001 and SOC-2. The databases use the latest Advanced Encryption Standard (AES-256), where data are encrypted at rest, and MHS web portals use Transport Layer Security (TLS 1.2), where information is encrypted in motion. TLS encrypts the examinee’s personal and test information (including test data, responses, and reports returned to the examiner).