System Security
HealthPort Technology: Providing Best in Class IT Capabilities
At HealthPort, we’re highly committed to the confidentiality and security of protected health information and the satisfaction of our customers and requesters.
To achieve “Best in Class” information technology (IT) capabilities, we have gone above and beyond what’s required by the industry to meet security and compliance standards. By identifying and implementing baseline goals and service objectives to evaluate our staff, physical structure, operational processes and technology, we are reinforcing our IT infrastructure for the compliant exchange of protected health information. Below is a summary of actions we have taken to demonstrate our focus on system and technology integrity through measures performed by our internal security team or sanctioned through third party firms:
Internal Security Audits and Measures
Vulnerability Scans: HealthPort has put several tools and processes in place to monitor all internal systems for potential threats, and diagnose and recommend fixes to enhance the security of our technology for added protection from unknown sources.
HealthPort Disaster Recovery Plan: HealthPort maintains a proven and semiannually tested disaster recovery plan to protect processes and systems in the event we are faced with an unexpected risk to our stored information or application systems. The plan outlines in detail, our business continuity which includes our associates, processes and technology.
Third Party Security Audits and Measures
HealthPort SAS 70 Certification: HealthPort SAS 70 Certification: HealthPort has received Statement on Auditing Standards (SAS) 70 Certification with the issuance of a Type I Auditor’s Report. SAS 70 Certification equips HealthPort with independent third-party verification of an in-depth audit of control objectives and activities, which includes controls over our IT infrastructure and operational processes. In addition, SAS 70 provides our customers with a greater understanding and assurance that as their release of information services provider, we have the necessary internal controls in place to securely transmit protected health information. HealthPort is currently undergoing testing for SAS 70 Type II Audit to be completed by December 31, 2011.
HealthPort Penetration Test: Each year, HealthPort invests in penetration testing which involves an active analysis of our IT security by a third party firm through an audit and assessment of safeguards currently in place. The audit includes data integrity, security controls and polices, as well as our physical structure.
Financial Transaction Security Standards: HealthPort is fully compliant with the Payment Card Industry Data Security Standard (PCI DSS). This audit ensures that customer credit card information is safe and secure throughout every transaction. Requesters can be confident that transactions with HealthPort are protected against the risk of data breaches.
For more HealthPort System Security Resources, click on the links below: