We continually monitor the regulatory environment to understand the full scope of our compliance responsibilities. When changes are made, we respond well in advance, and test all changes to make sure we remain in compliance.
Smart Data adheres to all HIPAA mandates. All employees are trained on the privacy and security aspects involved with HIPAA and Smart Data has taken precautions to make sure we are HIPAA compliant. Our data centers are highly secure, and our scanning centers have multiple security points prior to access. Our log in requires double user name password along with IP address restrictions.
We are very serious about maintaining compliance with HIPAA security requirements. Specifically, we are SOC 2 type two certified and recently completed an extensive security and penetration audit. In addition, we are an active member of both the EDI standards board and WEDI, for which we attend conferences and participate in educational forums to discuss policy updates. Our entire process is secure and adheres to all HIPAA mandates in each of our services — from the initial image upload, through the data-capture, data-scrubbing, archiving and all the way to the file return and EDI routing. All employees are trained on the privacy and security aspects involved with HIPAA.
We use the above to assess risk after which we prioritize remediation. Many security initiatives are identified internally. For example, we recently implemented password encryption within our database.