As a leading health information management company, Photo-Stat is bound by law to uphold the Health Insurance Portability and Accountability Act (HIPAA), that is, to maintain HIPAA compliance. Mitigating potential loss for our clients and staying in compliance with the HIPAA standard is our highest priority. Many of our HIPAA security operations were in place well before HIPAA was signed into law in 1996. A combination of strict company policy and new technology has only enhanced our medical record security beyond the HIPAA and HITECH guidelines. Our step-by-step processes merge the goal of quickly delivering information to requestors with upholding all federal and state regulations regarding the privacy and protection of patient data and medical records management.
Although HIPAA does not require a penetration test or vulnerability scan, the National Institute of Standards and Technology (NIST) has issued a special recommendation for HIPAA that says, “Conduct trusted penetration testing of the effectiveness of security controls in place, if reasonable and appropriate”. Such testing validates any exposure to actual threats and vulnerabilities, and we are proud to say that our efforts and measures have met and exceeded this recommendation.
Our security practices have protected us and our customers from needing our $3 million general liability insurance policy.