HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. We have the administrative, physical and technical safeguards in place according to the U.S. Department of Health and Human Services.
Physical safeguards include limited facility access and control, with authorized access in place. All covered entities, or companies that must be HIPAA compliant, must have policies about use and access to workstations and electronic media.
Technical safeguards require access control to allow only authorized persons to access electronic protected health information (ePHI). Access control includes using unique user IDs, an emergency access procedure, automatic log off, and encryption and decryption.
Audit reports, or tracking logs, must be implemented to keep records of activity on hardware and software. This is especially useful to pinpoint the source or cause of any security violations.
Technical policies should also cover integrity controls, or measures put in place to confirm that ePHI hasn’t been altered or destroyed. IT disaster recovery and offsite backup are key to ensuring that any electronic media errors or failures can be quickly remedied and patient health information can be recovered accurately and intact.
Network, or Transmission, Security
Network, or transmission, security is the last technical safeguard required of HIPAA-compliant hosts to protect against unauthorized public access of ePHI. This concerns all methods of transmitting data, whether by email, over the Internet, or even over a private network, such as a private cloud.