|
|
|
 |
 |
|
 |
|
"Keeping healthcare data secure is fundamental to our company's infrastructure, training, and processes." |
|
|
 |
|
 |
|
| |
| |
| |
|
|
|
|
| |
|
|
|
|
|
|
 |
|
 |
 |
|
 |
|
For any outsourced service such as the ones provided by eHealth Global, security must be taken very seriously.
Even compared to other community-based medical record integration projects, this service exceeds most measures of security required for medical |
 |
| |
| HIPAA |
| eHealth Global signs a HIPAA (Health Insurance Portability and Accountability Act of 1996) Business Associate Agreement with all of its customers before |
|
| providing services. This agreement extends the privacy protections inherent in the HIPAA provisions to eHealth Global. eHealth Global can be audited at any time by its customers to validate our compliance to the HIPAA regulations, or the audit may be in conjunction with an audit of a "covered entity" (i.e., a hospital or other healthcare facility). The security of your private healthcare information is founded on one of eHealth Global's core values: |
| |
 |
Keeping healthcare data secure is fundamental to our company's infrastructure, training, and processes. |
|
| |
| eHealth Global is a HIPAA Business Associate of the institutions that utilize our eHealthConnect™ service, and the records we obtain are only for ongoing treatment of patients. Under the Privacy Rule, covered entities are permitted to use or disclose protected health information (PHI) for treatment, payment, or health care operations without an authorization. Notably, a covered entity may disclose protected health information for its own treatment or for the treatment activities of another health care provider. (45 C.F.R. §164.501). |
| |
| Security |
| eHealth Global takes the security of your data very seriously. All protected health information (PHI) that enters or leaves our facility via a public network is encrypted/encoded. eHealth Global is also unique in its provisioning of a service and technology to deliver medical images and documents without ever actually transferring the data out of our facility. This unique approach presents just the "view" of the information, without ever loading it on the client PC or mobile device that may be accessing the information. In this way, there is never a risk of misplacing or losing PHI, since it was never actually downloaded to the client system. |
| |
| The information that we store is archived in multiple facilities, which typically have better security protection than healthcare institutions. eHealth Global has two or more levels of redundancy of information. In the case of a disaster, eHealth Global has appropriate disaster recovery plans to allow rapid renewed access to the information that we manage. Backup power, climate control, and off-site storage of data are all part of this process. Access to the facility is controlled and protected. It is sad to say, but it is much more difficult for a person to enter a data center without authorization, than it typically is to get into the medical records department of many hospitals. |
| |
|
|
|
 |
|
 |
|
|
|
|
