Home » SECURITY

SECURITY

HIPAA compliance is adherence to the physical, administrative, and technical safeguards outlined in HIPAA, which covered entities and business associates must uphold to protect the integrity of Protected Health Information (PHI). The HIPAA Security Rule outlines the requirements for the protection of electronic patient health information. The Security Rule refers to “Security Standards for the Protection of Electronic Protected Health Information. As healthcare organizations strive to leverage the Internet, they need to deploy a security architecture to meet government regulations and ensure the trust of patients. The Administrative Simplification section of HIPAA is designed to improve the efficiency and effectiveness of the healthcare system by standardizing the electronic data for specified administrative and financial transactions while protecting the security and confidentiality of that information.

SBN HealthCare understands that as a provider you worry about the PHI information about your patient and we ensure that this will not breach we follow these below mentioned technical safeguards to avoid PHI breach.

  • Encrypted Network
  • Control Access of Users
  • Authenticate ePHI
  • Encrypt Devices
  • Control Activity Audits

Encrypted Network

  • Astringent network security policy restricts access to authorized personnel only.
  • Multi-level security for systems and networks.
  • Passwords are changed periodically to strengthen security.
  • All systems are installed on a server secured with 128 bit SSL encryption.
  • Access to the systems is restricted to authorized staff.

Control Access of Users

  • Carrying documents into and out of the office premises is not allowed.
  • Carrying image capturing gadgets restricted at the workplace
  • Physical checks of employees before entering or exiting the office.
  • Employee signature on confidentiality agreement mandatory.
  • Compulsory Compliance training periodically.

Encrypt Devices

  • All office devices are encrypted
  • Access to the systems is restricted to authorized staff only.
  • Floppy disk and USB drives are disabled on all desktops/laptops
  • Multi-level security for systems and networks.

Control Activity Audits

  • Software, hardware, and configurations are constantly maintained.
  • Daily data backup to prevent loss or misplacement of important information.
  • Regular audit of employees having access to customer data
  • Surprise checks are conducted to detect breaches.