Synthesis Healthcare processes are committed to protect PHI in all aspects and adhere to the HIPAA standards. Our operation teams follow strict compliance requirement laid out by our compliance team to protect PHI
Privacy
All our employees sign a Non Disclosure Agreement as part of the hiring process with severe penalty for HIPAA violation
All our new staff under go a HIPAA training session and a test. For existing staff it is mandatory to undergo the annual HIPAA refresher class and test.
All our vendors sign the chain of trust agreements to protect PHI.
Security
Physical access and electronic access to files/folders containing PHI are restricted to unauthorized personnel
We follow a clean desk policy and all paper work with PHI is shredded on a regular basis for compliance reasons
Our policy prohibits e-mailing PHI, we use secured FTP paths to transfer PHI with protected password
All our production staff are provided with unique logins and passwords to access their systems
All our systems are enabled to automatically lock if un-attended beyond 5 minutes
Access to the production floor is based on the business requirement and restricted to the authorized staff only
Access is denied to cameras and mobile phones on the production floor with exception to the senior management
All our servers are behind firewall and protected from Virus
Any data transfer over the web would be on 128 bit SSL encryption
|