The HIPAA Security Rule identifies standards and implementation specifications that organizations must meet in order to become compliant. All organizations, including Dental Practices, which access, store, maintain or transmit patient-identifiable information, such as dental x-rays or photographic images, are required by law to meet the HIPAA Security Standards by April 21, 2005.
The general requirements of the HIPAA Security Rule establish that covered entities must do the following:
- Ensure the confidentiality, integrity, and availability of all electronic protected health information(ePHI) the covered entity creates, receives, maintains, or transmits.
- Protect against any reasonably anticipated threats or hazards to the security or integrity of such information.
- Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required.
- Ensure compliance by the workforce.
- Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required.
Covered entities have been provided flexibility of approach. This implies that covered entities may use any security measures that allow the covered entity to reasonably and appropriately implement the standards and implementation specifications.
RecordLinc Inc. takes HIPAA regulations, patient privacy and security of its data seriously. We have put into practice a series of security measures and procedures that exceeds the standard requirements. RecordLinc Inc. will continually seek to improve systems and internal practice and policies to ensure the highest level of integrity and security across all systems. This will include but not be limited to:
- A 128-bit SSL connection
- Automatic timeout features
- Unique user names with password protection
- Data Encryption
- Storage where data is backed up multiple times
- Extensive user audit trails
- Data is stored indefinitely
