Security and HIPAA Privacy
Strategic Medical Management, has simple but strict policies and procedures written down for HIPAA compliance, which is discussed
- Sensitive documents are kept under the custody of the Senior Management
- Copying of sensitive documents is controlled by Senior Management
- Sensitive documents, which are not required, are immediately shredded.
- Handling of documents is done in strict adherence of the company’s document control system, which is executed as per the highest quality standards
- We use domain level authentication & ensure only authorized privileges are given, this allows us to monitor the access within the network.
- All activities related to User ID creation & access granting are done by the System Administrator only.
- User IDs are only created based on the request of duly authorized personnel.
- User IDs are deleted /disabled immediately after employee separation, which is followed by a clearance form duly authorized by the Project Manager.
Each employee signs a non-disclosure agreement with the company at the time of joining. This pertains to any information that is not available on the public domain. The importance of a non-disclosure agreement is periodically explained by the HR group to make all employees aware of these requirements.