HIPAA Compliance

Your data security is our top priority

HIPAA Compliance at DOCTUS

The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. As the industry has implemented these standards, and increased the use of electronic data interchange, the nation's health care system will become increasingly effective and efficient.

Business Associate Agreements & Training

Comprehensive compliance framework ensuring all personnel are trained and audited

Business Associate Agreements

HIPAA Compliant Business Associate agreements are entered into with all personnel.

Comprehensive Training

All personnel and business partners are trained in security policies and regulations.

Regular Audits

All personnel are audited at periodic intervals with regard to their understanding and application of training.

Disaster Recovery

Detailed backup plan documented and taught to all personnel, audited and tested periodically.

Documentation & Monitoring

All policies and procedures are well-documented and officially communicated, with regular monitoring and internal audits to ensure continuous compliance and improvement.

Physical Security

Multi-layered physical security measures protecting your data

Restricted Access

Access to production areas restricted to authorized personnel only.

Identification Required

All personnel must carry identification at all times. Visitors are not permitted into production areas.

Device Monitoring

No unauthorized storage devices allowed. All devices entering or leaving are monitored by qualified technical staff.

No Network Storage

No protected information is allowed to be stored on the network after use.

Physical Checks

Periodic and random physical checks are made of personnel leaving the facility.

Data Security & Network Protection

Advanced encryption and monitoring to protect your sensitive information

Access Control

Multilevel username/password protection

Access to all protected information is restricted to authorized personnel with the use of multilevel username/password authentication systems.

Encryption

128-bit SSL encryption

All data transfers between facilities are encrypted using 128-bit SSL encryption to ensure maximum security during transmission.

VPN Security

Default option for all clients

Clients are offered VPN security as a default option, providing an additional layer of protection for secure remote access.

Network Monitoring

24/7 activity monitoring

All network activity is monitored and recorded continuously. All transfers are conducted by licensed or proprietary applications with full audit trails.

Questions About Our Security?

Contact us to learn more about our HIPAA compliance measures and data security practices

Get in Touch