As a company we are fully aware of the responsibility that we as Business Associates of Covered Entities have towards complying with HIPAA regulations
The following is a brief tabular summary of the steps that we have taken to comply with these regulatons :
| Access to personnel : | All users access computers on our network with a userid and password. Transcribers and QA staff only have access to voice and document files that they have been assigned to work on. |
| Audit Trails : | There is a detailed audit trail of all personnel downloading from and uploading to our servers. |
| Encryption : | All data in transit have 128 bit encryption. This is the industry standard and almost impossible and certainly prohibitively expensive to break. |
| E-mail attachment : | Email attachments are also encrypted before transmission over the internet. |
| Restrictions : | Most of our operations are done electronically. Personnel are allowed to print paper copies only for the purpose of faxing/mailing to our clientele (if requested) or rarely for QA work. All personnel are required to shred paper documents as soon as their purpose is served (except for fax cover-sheets, which contains no PHI detail, for a record of the fax). |
| Selection : | All personnel selected for working with us have had intensive experience in the industry. We also check out their references and former employers to select only the most responsible people. |
| Contracts : | Employment and business contracts with our staff and business associates have strict, enforceable conditions, with severe penalties, of maintaining the privacy and confidentiality of the PHI. |
