With robust security measures, data security policies, employee training, and stringent background checks, we deploy the best practices to prioritize safe handling of your patient health data.
We take data security seriously. We are GDPR and HIPAA-compliant, as well as ISO 27001, ISO 9001, and SOC 2 Type 2 certified.
Stored data, data in transit within laptops and desktops, and emails containing PHI/PII are all encrypted. Our employees access sensitive information only via an encrypted connection.
Segregated internet access for sensitive data tasks and unrelated activities, each with dedicated networks and computers, to keep data safe.
Complex passwords are mandatory for employees' login IDs, and periodic password changes are required.
Resilient recovery plans backed by an efficient Security Risk Assessment (RSA) to deal with disasters and security incidents, should they occur.
Sophisticated high-security firewalls restrict the movement of information to keep data safe. Anti-virus technology is employed to protect the endpoints.
Strict control over information outflow, with policies allowing emails to be sent only to whitelisted addresses or customer domains.
Proactive monitoring of each network perimeter for unauthorized access. Ready to implement Incident Response procedures in the event of any threats.
Separate PHI/PII Zone on our production floor to prohibit video recordings and mobile phones.
Controlled Access to PHI Zone based on the task requirement with added restriction via employee access cards.
Employee desktops in the PHI/PII Zone are monitored and video recorded for enhanced security.
Real-time monitoring and control of PHI Zone with 24/7 security guards, all year round. Guards have a mandate to report unauthorized access incidents to the compliance officer for appropriate action.
To avoid the risk of accidental data breaches, no work-from-home provision for employees with access to PHI/PII unless directed by the client.
On-site HIPAA compliance officer, sanctions for HIPAA or company policy violations, regular HIPAA compliance audits, and corrective plans for violations.
Employees trained on HIPAA compliance, privacy and security upon hire. We also conduct job-specific HIPAA training programs and regular security awareness trainings.
Posters displayed on HIPAA compliance, privacy and security at all locations to consistently reinforce awareness of compliance.
Regular and thorough training sessions held to prevent unauthorized software downloads, recognize phishing and ransomware threats, and avoid human errors such as mishandling and misdelivery of PHI.
Thorough background verifications for all new employees, privacy and confidentiality training. Employees are also required to sign a mandatory confidentiality agreement.
Restricted access privileges for new employees depending on their work profile.