|
|
We account HIPAA compliance as a priority by conducting HIPAA compliance
training and other initiatives. We have a large competent
workforce to enable high productivity volumes within the
commitments. We are focused for delivering zero-error output to
all our clients. In addition, our quality and reporting group
evaluates processes internally based on checklists of requirements
defined by you. We consider the HIPAA regulations a call to
revolutionize our overall processes and aggressively move towards
a more secured deployment of electronically transmitted healthcare
information. By adoption of the best practice approach to privacy
and security, we earn the confidence of the clients.
Physical Security
All our premises can be accessed by authorized staff only those
are highly trained, and cognizant with our services and privacy
policies.
Information Security
All our incoming ports are protected by filters and a firewall;
system access is only offered to FTP and management ports. SSL
supports the access of our server by our clients and only a valid
login name and password is given access. Only encrypted files are
sent across the internet. Even if the files are intercepted
en-route, no one can decode them as they are configured around
stringent security standards.
Data Access
All our transcriptions process dictations and reports on
workstations, connected to the company’s private network. No
floppy driver, disc drives etc are present on these workstations,
which prevent the download, transmission or printing of
information. Recordable media are strictly prohibited within the
premises of the facility.
Privacy
All Transcyber Adi Inc. employees sign a confidentiality
agreement, and if asked for, we supply a copy of this agreement to
our clients. Our computer systems have active security; monitored
24x7, with automated and real time network intrusion detection.
Emergency Contingency Plans are in effect to facilitate continuity
of operations. Hard-copy documents related to clients / patients
are disposed of with the shredding of the said documents.
This is just a brief cross-section of all the HIPAA guidelines
that have been adopted as a part of our working processes. For
more information you can contact us directly and learn more about
our stringent data security and compliance procedures.
System Security
Our processes are planned to ensure a high level of security and
confidentiality through strict privacy policy implementations and
compliance with international standards. FTP servers used for data
transfer are secured. No removable media is provided on operator
workstations. Client data is generally not printed at our end,
however if needed, the papers are shredded after use. Every
operator and Server activity is logged and monitored. All
applications require authenticated access to the system using a
login identifier and password. Access to complete data is limited
to the system administrator and authorized personnel. All these
personnel require a password. In the unlikely event of server
getting stolen or directly accessed by an unauthorized individual,
access to the data would be denied because of the requirements for
user authentication.
Administrative Security
We require all employees to sign a confidentiality agreement prior
to joining the company. We monitor each employee's activity in his
or her work area and then we generate a daily log report. During
normal working hours, we do not permit employees to leave the
premises without prior authorization from their supervisor. All
employees are thoroughly briefed on privacy & data security issues
and they realize that any lapse on their part would normally
result in termination of their employment.
|
