Home   |   About Us   |   Hipaa   |    Contact Us
  
 
SERVICES
Transcription
Medical Billing
Web Solution
 
 
At Zapak, we have gone to great lengths to ensure that our entire process is completely secure and HIPAA ( Health Insurance Portability and Accountability Act ) compliant - from the initial physician dictations to the return of transcribed documents. We use the best practices for handling Protected Healthcare Information (PHI) and Medical Transcription, adhering to requirements of HIPAA norms. All client/patient details and medical transcription service related procedures, voice files storage, documented data storage and document management conforms or exceeds HIPAA regulations.

Technical Security Measures to Guard Data Integrity, Confidentiality, and Availability

All our Computer Systems and Networks are protected by passwords and encryption technologies to provide controlled access and at the same time restrict unauthorized access to our data resources. Our computer systems have active security, automatically monitored 24x7, with automated and real time Network Intrusion Detection mechanisms. We use dedicated toll free lines for Dictation capture whose access numbers are accessible only to our clients.

Our Dial-In Dictation Server is secure and a closely guarded system. The fact that only the client knows his / her code for logging into our system for dictation recording is in itself a fact that makes the Server extremely safe in terms of security. Once the files are recorded we use an encryption mechanism, which encrypts the recorded files before they are transmitted through the Internet.
The transmission is through secure and dedicated web space solely managed and used by Zapak using a highly secure File Transfer Protocol.


Administrative Procedures to Guard Data Integrity, Confidentiality, and Availability

All our Computer Systems and Networks are protected by leading edge Anti-Virus Software, Encryption Technologies and Firewalls Solutions. All our computers and networks are configured in a way as to prevent unauthorized viewing, editing, printing, deleting, or copying of any files/data. We have extensive logging and security tools to prevent, detect & restrict all possible security breaches.
Our systems are regularly monitored and subjected to internal audits. Technical evaluations are performed on a routine basis to make sure all systems meet specified security requirements as mentioned in our internal policies.
Emergency Contingency plans are in effect to facilitate continuity of operations. All the important files and data are backed up on a secure backup facility, as per the established norms at Zapak.

We have procedures and policies in place for closing system access to ex-employees. All entry and access rights are removed when an employee parts ways with the company.

We have documented policies and procedures for the manipulation, storage, dissemination, transmission, and disposal of protected health information.

We have procedures and policies for granting different levels of access to healthcare information for employees.


Physical Safeguards to Guard Data Integrity, Confidentiality, and Availability

We have our Chief Technology Officer who is responsible for administering healthcare information security procedures.

We have procedures in place to manage the use and storage of media within various centers of operation.

We have secure entry and exits at work center to prevent unauthorized physical access to information.

Privacy Compliance Measures

All persons, administrators and transcriptionists, who have access to any sensitive information, patient records, or voice files, etc. have the appropriate clearances from the management of Zapak to enable them to do their tasks and duties. The company has in place, signed confidentiality, secrecy and non-disclosure agreements with all of them. We regularly provide training to our entire workforce for upgrading their awareness and instill a sense of responsibility towards maintaining privacy, security, and confidentiality.
We have policies to handle the destruction and/or de-identification of PHI when a customer contract terminates. Totally fictitious and dummy data is used in the training of employees.
 
All rights reserveed by Zapak I.T. Inc.