Synthesis HealthSoft processes are committed to protect PHI in all aspects and adhere to the HIPAA standards. Our operation teams follow strict compliance requirement laid out by our compliance team to protect PHI
Privacy
- All our employees sign a Non Disclosure Agreement as part of the hiring process with severe penalty for HIPAA violation
- All our new staff under go a HIPAA training session and a test. For existing staff it is mandatory to undergo the annual HIPAA refresher class and test.
- All our vendors sign the chain of trust agreements to protect PHI.
Security
- Physical access and electronic access to files/folders containing PHI are restricted to unauthorized personnel
- We follow a clean desk policy and all paper work with PHI is shredded on a regular basis for compliance reasons
- Our policy prohibits e-mailing PHI, we use secured FTP paths to transfer PHI with protected password
All our production staff are provided with unique logins and passwords to access their systems
- All our systems are enabled to automatically lock if un-attended beyond 5 minutes
Access to the production floor is based on the business requirement and restricted to the authorized staff only
- Access is denied to cameras and mobile phones on the production floor with exception to the senior management
- All our servers are behind firewall and protected from Virus
- Any data transfer over the web would be on 128 bit SSL encryption