We make every effort to protect patient privacy and keep medical records secure. In addition to strictly following the HIPAA regulations, we implemented a number of additional measures to ensure that all information is safe and accessible only to authorized personnel within our company.
- All access to records requires login and password and is monitored and logged
- Physical access to server room is limited and is logged
- All individuals with access to PHI have completed HIPAA training
- Data at rest outside of our server room is encrypted using strong encryption algorithms (e.g., AES-256bit)
- Data in motion is encrypted using VPN, SFTP, SSL and PGP technologies
- All electronic data is destroyed immediately after completion of project/contract using multi-pass secure erase technology
- All data on paper or optical media is destroyed using cross-cut shredding
