Security

Security is critical for systems that store and retrieve patient information. We are dedicated to a fully secure and HIPAA-compliant system.

eDocList products are HIPAA compliant and meet or exceed HIPAA's Privacy and Security Rule requirements. All transmissions of data (including wireless transmissions) are encrypted using industry-standard 128-bit SSL encryption.
We are independently HIPAA audited by a third party and have been found to be 100% compliant across all 54 HITECH citations and 136 audited components. Our systems are designed around the healthcare industry with security in mind – ensuring protection of PHI. We are committed to HIPAA compliance and will sign a BAA with all healthcare clients upon request.
We comply with disaster-recovery procedures and perform offsite backup.

Front end software security features are also critical in an environment with PHI:

1. Username and password-protected - By default password length/strength and username length requirements are in place, but can be further customized depending on your insitution's specific requirements.

2. Administrators (in group accounts) have complete control over their users - add, edit or delete users - including auto-deletion after a set time (i.e. end of residency). Administrators are warned when a user's account is about to expire so they can be removed (i.e. when a resident graduates or otherwise leaves the institution). Control whether users can transfer patients to each other. Audit activity of all users; viewing and editing of patient information is time stamped. You have complete log files to audit all aspects of activity by user.

3. Automatic logoff after a set time if the computer is left unattended.

4. All patients lists are backed up for redundancy. Administrators control when patient information is permanently deleted.

NETWORK/PHYSICAL SECURITY

eDoclist.com is hosted in a state of the art facility with intrusion detection and automatic firewall management. The system is monitored and maintained 24/7 by dedicated highly trained technicions. To ensure uninterrupted availability of protected health information, our fully redundant networks and power are built for automatic failover, guaranteeing your critical data and applications are always accessible. The Michigan data centers are interconnected by Gigabit fiber and located 53 miles apart with multiple Internet Service Providers (ISPs), providing an ideal infrastructure for data backup and disaster recovery plans, meaning your data will be recoverable even in the event of a disaster.

Multiple Tier 1 Internet Providers * SAS 70 Type II Certification * Network Monitoring Around the Clock * Parallel, Redundant, Multi-Tiered Network Architecture.

Have your IT department contact us if more information is required.

Our SSL certificates support both industry-standard 128-bit (the same system used by all banking infrastructures) and high-grade 256-bit SSL encryption to secure all of your on-line interactions with eDocList. The bottom line … your sensitive data is secure.