Casescribe - HIPAA Compliance Statment

Encryption

Automatic Logoff and Timeout Routines

Two tiered security infrastructure

HIPAA Compliance Statement

CaseScribe has evaluated all of its currently implemented security practices and technical infrastructure for the purpose of providing a summary of compliancy with the HIPAA rules for privacy and security. Although regulations for privacy are finalized, HIPAA security regulations have not yet been finalized. The purpose of this paper is to communicate to our customers the practices and safe guards that we have implemented to ensure the highest data security. Tech S2, Inc. will continue to address HIPAA requirements and make every effort to stay up-to-date, processes and technology permitting. The following describes the processes and technical infrastructure currently implemented:

Encryption
128-bit SSL encryption is used to ensure information that is transmitted between users and CaseScribe servers is fully protected. At time of release to our servers, dictations are encrypted and transferred over a 128-bit SSL encrypted connection. When a transcription is retrieved through the web browser, the transcription is encrypted at the server level and decrypted into memory on the customer's PC and subsequently displayed.
Automatic Logoff and Timeout Routines
Each successful login maintains automatic logout controls. Users are automatically logged off after 10 minutes regardless of their activity. This stipulation requires customers to continually verify their credentials with the system.
Two tiered security infrastructure
Customer accounts are separate from speaker accounts. Speaker accounts belong to a specific customer account. This allows the account owner to review the speakers activity, but does not allow a speaker to review another speaker's activity, thus protecting access to only the speaker who has generated the dictation.