HIPAA Preparedness Statement
Medikin, a provider of ASP services to medical transcription companies, recognizes
the significant challenge that HIPAA regulations present to the healthcare industry
and to our customers. Medikin is committed to helping our users achieve HIPAA
compliance within the timelines established by the regulations. To this end,
we have created a governing framework to define and manage our HIPAA initiatives.
Medikin understands that some of the HIPAA regulations have not yet been finalized,
and are subject to change. Going forward, Medikin’s guiding principle
is to make every reasonable effort to be knowledgeable and responsive regarding
HIPAA regulations, and to achieve HIPAA compliance within the mandated timeframes.
Medikin Compliance
| HIPAA Requirement | Medikin Compliance |
|---|---|
| 1. Information Access Control: limits access to the application by: | |
| User ID and Password | YES |
| Role-based access | YES |
| Context-based access | YES |
| User-based access | YES |
| Note: HIPAA requires at least one access control mechanism to be present | |
| 2. Auto Log-off: time-out mechanism to define an automatic log-off from the application if no activity occurs within a designated time | YES, if requested |
| 3. Audit Logging: provides adequate reporting within the application, retroactive for the last 12 months, when patient data is: | |
| Accessed | YES |
| Changed (add or edit activity) | YES |
| Deleted | YES |
| 4. User Authentication: uniquely identifies a user by: | |
| Password (Encrypted) | YES |
| Personal Identification Number (PIN) | YES |
| Telephone Confirmation ID | YES |
| Token | N/A |
| Note: HIPAA requires at least one user authentication method to be present | |