Data Security & HIPAA

  1. Home
  2. Data Security & HIPAA

High security of patient data is maintained. Patient data is stored in secure password-protected location. We are fully committed to our clients and understand the concern they have regarding these issues. As medical transcription service provider, we maintain the highest level of confidentiality that is required, and all of our back-up materials are kept in Secured Fire Proof Lockers. File transfer from our clients to us is done using FTP method. We have our own dedicated secure FTP servers.

HIPAA

Excellent Transcription Service offers HIPAA compliant medical transcription service that assures high confidentiality. The purpose of HIPAA is to protect confidential healthcare information through improved security standards and it defines certain requirements for storing patient information. It creates awareness and provides guidelines for risk analysis, training, suggests policies to perform audit trials, disaster recovery and validates access control and encryption.

The following is a partial list of the rules and regulations that we strictly adhere to:

  • ETS files and directories on computers are configured in a way as to prevent unauthorized viewing, deleting, or copying.
  • To prevent unauthorized use, security devices are employed to prevent theft and / or vandalism of any information stored on our systems.
  • Client-related documents are sent to and from computers using a minimum of 256-bit encryption.
  • ETS stores patient and client names in a database that uses secure and encrypted technologies.
  • ETS has administrative procedures in place to guard data integrity, patient confidentiality, and document availability. (Information Access Control and Access Authorization)
  • Hard-copy documents related to clients / patients are disposed of with shredding said documents.
  • Technical evaluations are performed on a routine basis to make sure all systems meet or exceed specified security requirements.
  • We make sure our clients, when exchanging electronic data, know how to protect the confidentiality of the data exchanged.
  • Emergency Contingency plans are in effect to facilitate continuity of operations.
  • All persons, administrators and transcribers, who have access to any sensitive information, patient records, or voice files, etc. have the appropriate clearances and have signed confidentiality agreements.
  • We have provided privacy, security, and confidentiality awareness training to our entire workforce. Our compliance decisions are based on sound business practices and meet and exceed HIPAA.

In developing HIPAA compliance we have established the following:

  • Assessment of information available, who has access to that information and what protections are in place to prevent misuse of patient information, we may receive from our clients.
  • We have established a security policy with integrated whole business enterprise security.
  • Our computer systems have active security, monitored 24 hours a day, 7 days a week, with automated and real time network intrusion detection.
  • We use approved, time-tested, leading security products. (Virus protection and encryption)
  • Employees are subject to any patient privacy rules and regulations, and can be subject to immediate dismissal and may be prosecuted by the Laws of the United States if found in violation.