|
Safety/Security/Privacy
Protections
RTC is committed to ensuring that its services, systems and operations can be
integrated into a user environment that will support ongoing compliance
with the electronic transactions, security, and privacy standards as
currently promulgated by Federal rules and regulations. Some of the
safety, security and privacy protections currently in operation include:
Authentication - Authentication is ensured
through the use of passwords and unique identifiers to establish user
identity throughout the dictation and job management system.
Authorization - System-use authorization
is based on client-defined, user-and role-based access rights. Data,
program, system, and network integrity play a role in ensuring that
information is changed only in a specified and authorized manner
automatically allowed and verified.
Audit trail - A complete record (Log) of
the date, time and identity of persons accessing the job server is
maintained and made available at all times. This log is available by
individual jobs as well as in a report format for audit trail compliance
requirements.
System security - Monitoring of activities
occurring in the job server system prevent and/or detect any breach.
Attempted unauthorized access at any point of the process triggers alarms
and ensures security integrity. Furthermore, all file transfer is protected
by the use of https secure Internet transfer protocols, Secure Socket Layer
(SSL) technology, 128-bit encryption and authenticated certificates.
Disaster/prevention recovery - The
data center complies with industry standards and ensures detailed disaster
prevention/recovery procedures to manage and minimize damage or disruption,
and ensures stability in case of a disaster. Backup systems operate 24
hours per day with no data loss or interruption in service in the event of
system failure.
Data storage - Secure physical storage of
all data and secure transmission includes constant surveillance by
network experts, premises protected by secure locations, backup generators,
and securely encrypted transmission between job servers and users.
Confidentiality - All employees receive
training in confidentiality expectations and sign an agreement pledging to
protect all patient-related information. Requirements for management
of workstation protections are included in the confidentiality training.
|
