HIPAA COMPLIANCE AND SECURITY
HIPAA, patient privacy protection, and security issues are considered very important by Medi-Type. Medi-Type employs the latest industry approaches for encryption and authentication. Medi-Type employs strict security standards for all the various aspects of its operation. Medi-Type complies with the laws and regulations set by HIPAA.
Data Integrity and Telecommunications
- 128-bit encryption for data transmission through a public network
- “Firewalls” are in place
- Servers are set up with non-routable IP addresses that are not accessible outside the firewall by users from the public network
Physical Access to Data Center
- Physical access is restricted to authorized personnel and security is enforced through electronic ID badges or biometric authentication
Policies and Procedures
- Auditable procedures for user authentication and password administration and for client authentication if Patient Health Information has been compromised
- HIPAA training for all personnel having access to Patient Health Information
- Requires employees to sign a non-disclosure/confidential policy statement
Application Level Security
- Password resetting enforced on a regular basis and “used” or “repeated” passwords are not allowed to be reused
- Audit trails to record all transactions relating to patient records including read access, edit, print, and file transfer