pi has implemented all the appropriate physical, electronic, and managerial procedures to safeguard and secure the information with headache-free hosted data security and privacy, while allowing to take advantage of HIPAA-compliant transactions to give complete peace of mind around practice management system. We are committed to mandate and ensure the confidentiality, integrity, and availability of physically and electronically secure ePHI (electronic Protected Health Information) assets by protecting it from unauthorized retrieval, modification, destruction, or disclosure, and also reliably store the electronic data and provide for emergency access to the data.
We seamlessly incorporate HIPAA- Compliant security and privacy measures as well as transactions into a practice workflow. pi has prepared to meet all of the requisite transaction, security, and privacy obligations with as little hassle as possible.
For secure transfer, pi uses servers with powerful industry-standard Secure Sockets Layer (SSL) encryption on all communication points to eliminate the chance of the information being decoded and to safeguard the electronic transfer of all data - the same level of security as banks and Federal transactions. Adaption of stringent security measures- all while significantly reducing the security burden on office and staff protecting the computer-stored patient data from both physical access (break-ins, disgruntled employees, etc.) and electronic access (firewalls, complete network and user security, etc.) pi offers a full-service secure data management solution that removes all of the above hassles and enables much easier HIPAA compliance. The electronic data is stored in a world-class data center facility that has high security, highly secure access, 24-hour monitoring and patrolling, locked server cages, and state-of-the-art firewall protection with a robust backup system and disaster-recovery planning.
AUTOMATIC SIGN OFF
The system will be automatically logged out after a period of inactivity, to prevent unauthorized access to patient records.
Automatically tracks all users logging into and out of the system for reference by a system administrator.
The system permanently tracks any changes made to PHI, so those changes can be reviewed at any time by a system administrator. Privacy regulations protect the confidentiality of the patient's individual medical information with respect to others. These privacy regulations apply to all ePHI - paper, verbal, and electronic.
The system restricts access to ePHI based on administrative rights and user roles, so that the electronic information is revealed only to those are authorized to access it.
pi uses a set of patient consent management tools, including electronic form storage and automated reminders. We ensure minimum necessary access to sensitive information through role-based access authenticated by using strong passwords. A comprehensive and thorough risk analysis is conducted annually by independent external auditors with expertise in security regulatory compliance to evaluate compliance with objectives of regulations such as HIPAA and other Industry Standards. We thoroughly understand HIPAA regulations and relationships, as the HIPAA regulations continue to change and various deadlines arrive, pi will continue to follow and adapt the best to meet the HIPAA obligations.