Vision Infonet services are designed to assure Health Insurance Portability and Accountability Act (HIPAA) compliance.
Using manual as well as state-of-the-art technology, our physical security measures cover an exhaustive list of process controls at our Indian office. 24 X 7 Security guards are posted at the main entrances and exits. Access to the center is restricted and unauthorized intrusion is practically impossible. Apart from physical security guards - our entry points are electronically managed using access swipe cards. In the production, we have dedicated bays, which are access controlled and only authorized personnel have entry rights. Telephone/e-mail traffic is also monitored and tracked for unauthorized usage. Our security management personnel are professionally trained individuals who monitor all logistics within and outside the facility.
Vision Infonet and their sister concern in India ensures HIPAA compliance through exhaustive compliance management processes. Vision Infonet has a well-developed compliance culture, which is further reinforced through periodic training & education on compliance issues imparted to employees. The Vision Infonet compliance team ensures that project teams are kept informed with the updates in HIPAA guidelines. Periodic compliance audits are undertaken across the organization. HIPAA Compliance is strengthened by efficient implementation of corrective measures suggested by the audit and a strong follow-up on audit results.
We sign business Associate Agreement as soon as we finalize a contract, before accessing the data of that client.
Every employee signs confidentiality agreement with severe penalties for HIPAA violations.
Encryption algorithms ensure that privacy of the patient is protected.
Access to applications/databases defined on 'need to know' and 'minimum necessary' basis.
HIPAA compliant procedures under implementation in risk areas like:
Fax and email communication to external agencies.
Information disclosure to payers, patients, family members and others.
Storage, retrieval and/or disposal of reports and physical records.
Redundancy introduced at multiple levels ensures safety of transcribed files. Accidental or malicious attacks on stored databases are repulsed by firewalls around the secured servers.
There is a thorough understanding of patient confidentiality and all medical records. It is also well known that HIPAA makes constant changes as it incorporates or discards certain practices.
Contingency Planning : -
Data back-up planning
Disaster recovery plan