Our HIPAA compliance initiatives ensure that Protected Health Information (PHI) is kept secure and the related privacy and security norms are met. We achieve this through the following:

  Data Security Systems

  Compliance Management

  Training & Education

  Quality & Quantity of work

Security Systems  Our intellectual property is safe in a 5-tier security system.

Workstation security  There is round the clock physical security of our premises. Data is accessible only on a secured network. The access is controlled through use of assigned user IDs and passwords. Each entry/update into the database is logged with the time and name of personnel.

Network Security  We have a firewall to protect our internal network from intrusion, denial of service, and information theft and to avoid all type of attackers: joy riders, vandals, scorekeepers, and spies. Our network security policy ensures Secrecy, Integrity, and Availability. Systems are protected against virus using anti-virus products.

Server Security  The servers are kept in the data center that has a high level of security. The physical servers are kept in a sub-area of the data center to which entry is allowed only to the maintenance staff, data back-up people and in exceptional cases System Administrators. The access control is through swipe cards. Each System administrator has a separate login that allows only limited functionality and doesn't provide access to confidential client data. There is a separate root login required for access to server to change/modify data. All activities on this login are logged and review of the same happens within 24 hours by 2 different reviewers.

Web Content Security  A caching proxy checks the contents of web transfers based on company's web security policies.

Data misuse and privacy checks  Our employees log in to their respective workspaces on the server, where the work allocated to them is stored. They process the input from the client and log out once they are done with their work. The computers in our operations department are not connected to printers. Computers dedicated to client work do not have floppy/CD drives. Email access is limited to only the job roles that require Internet connections. Access to all third party email sites, such as Hotmail, Yahoo, etc. are blocked. Only authorized people have access to the above. These measures ensure that data cannot be copied and sent out of our system. We have different workspaces for different clients. We strongly encourage members from different workspaces to not talk about work related issues. We do not allow visitor tours during working hours.

Quality And Quantity Of Work  We have a special feature in our software, which allows incoming documents to sit in memory until a password is entered by the personnel, by limiting access to patient information to authorized individuals only and thus the privacy of patient information is enhanced. A team with expertise in specialty coding meeting the set target and auditing personnel who ensure accuracy by taking care of undercoding and upcoding in contact with the client.