|
|
|
|
 |
We have 24x7x365 security personnel manning our
office. |
|
|
|
|
All computers require passwords to use the computers
and to start windows. |
|
|
|
|
All the external drives including floppy disk drives
are disabled on each computer. |
|
|
|
|
No personnel are allowed to bring in any gadgets or
papers or any written documents at workstation. |
|
|
|
|
Every employee is checked on entering and leaving
the premises. |
|
|
|
|
We have firewalls and antivirus software on all the
computers and update virus definitions daily. |
|
|
|
|
Any spoiled hard copies of patient information
including documents schedules are shredded on site. |
|
|
|
|
The entire process is conducted using security
measures to protect the integrity of protected
information according to HIPAA guidelines. We follow
256 bit encryption for all transferred files. |
|
|
|
|
Administrative procedures in place to guard data
integrity, patient confidentiality and document
availability (Information Access Control and Access
Authorization). |
|
|
|
|
We currently require all our employees to sign a
confidentiality and non-disclosure agreement. |
|
|
|
|
We have security services employed to prevent theft
and/or vandalism of any information stored on our
systems. Technical evaluations are performed on a
routine basis to make sure all systems meet or
exceed specified security requirements. |
|
|
|
|
All persons, administrators and employees, who have
access to any sensitive information, patient records
or voice files, etc., have the appropriate
clearances. |
|
|
|
|
Our entire work force is trained on privacy,
security and confidentiality. We strive to meet and
exceed all regulations. |
|
|
|
|
|
Administrative safeguards: |
|
Practices
must adopt formal administrative procedures designed
to protect personal electronic health information.
They must, for instance, designate a security
officer to assess the group's potential security
risks and monitor compliance efforts. |
|
|
|
Physical safeguards: |
|
We
implement procedures to safeguard their computer
systems and other equipment, as well as the
buildings where the practice is housed. |
|
|
|
Technical safeguards:
|
|
Groups must make sure that technical safeguards such
as network firewalls, passwords and automated logoff
are in place to control and monitor access to
electronic information. Those procedures are meant
to protect against inappropriate use of information
by both external and internal sources. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
