HIPAA Compliance
Health Insurance Portability and Accountability Act (HIPAA) was enacted by the US Congress in 1996. The purpose of this Act was to improve the efficiency and effectiveness of the healthcare system through the development of established health data standards and requirements for the transmission and storage of electronic health information. There are three types of standards created by HIPAA (privacy, security and administrative simplification). The security of the patients has been built from the day one. Our endeavor is to safeguard client data and information with the use of HIPAA complaint communication protocols in medical transcription. So this will ensure that all patient health care information is well secured in many medical transcription companies.
We follow strict HIPAA regulations with our company.
Administrative Safe Guards
ITS have adopted procedures to protect patient information by identifying employees or classes of employees who will have access to electronic protected health information EPHI has restricted to only those employees who have a need for it to complete their job function and an appropriate ongoing training program regarding the handling of PHI is provided to those employees performing health plan administrative functions.
Security
Safeguarding client information and reports is not only a legal requirement but also our ethical obligation. We maintain strict policies on the confidentiality, privacy and security of such information. We train and educate our staff and our customers about these policies, and adherence is continually reinforced. We have implemented tight security measures in all the systems by enabling firewall controllers letting them to access the required job function and all the access to equipment containing health information is carefully controlled and monitored. Required access controls consist of facility security plans, maintenance records, and visitor sign-in and escorts.
Our medical transcription company apply these measures and technologies not only in the transmission of client information over the Internet but also to every aspect of data storage and retrieval. Our customers can be assured that their information, whether in transmission or at rest, cannot be accessed without proper authorization. If cannot be intercepted, decrypted, or altered due (but not limited) to.
v 24X 7 security personnel manning our office
v Provided Secure backup facilities
v Back up systems and UPS are utilized to maintain a secure infrastructure
v Protected with advanced firewall system
v Redundancy at every level with failure and crisis plan
v All the external drives including floppy disk drives are disabled on each computer
v No personal is allowed to bring in any floppies, any electronic devices including laptops, PDA.
v No personnel are allowed to bring in or take out any paper or any written documents.
v Every employee is checked on entering and leaving the premises
v We maintain up-to-date contractual agreements with all business parties
v We follow 128 bit encryption for all transferred files
v Technical evaluations are performed on a routine basis to make sure all systems meet or exceed specified security requirements
v All persons, administrators and transcriptionists, who have access to any sensitive information, patient records, or voice files, etc., have the appropriate clearances and have signed confidentiality agreements.
v Our entire work force is trained on privacy, security, and confidentiality. We strive to meet and exceed HIPAA regulations on all matters.