​

• Electronic key card secure facility access

• Locked server racks

• 24/7 security camera surveillance

• Gigabit LAN port speed

• Online bandwidth reporting

• No smart phones allowed in work areas

• 24x7 video surveillance of entire office

• 24x7 security personnel guard the office premises

• Employees issued photo IDs and lanyards, which are required to access data processing areas of the office

• Lockers for employees to store their belongings (e.g., backpacks, smart phones) during work hours

• Entire internal network is behind the firewall

• HIPAA compliant Secure FTP server, Secure Fax and Secure email are used to transmit/receive the data.

• Data at rest (Servers, Desktops & Laptops) have full hard disk encryption in place

• Data analytical techniques are used to identify trends, gaps & opportunities.

• We conduct background investigations relating to past employment history and criminal activity

• Employees have to return all documents, files, computer equipment, company tools, business credit cards, keys, and other Company‐owned property on or before the last day of work.

• Password policy: We have strong password policy set up for our servers and applications.  User passwords expire every 90 days

• Web filtering: Web traffic is filtered and logged

• Maximum number of bad access attempts: Authentication servers are set to lock user accounts after a predefined number of bad logins

• Users only have non-admin rights: Regular users do not have admin rights.  Only IT staff can install or remove any software

• New employees require IT system and HIPAA training

• Annual HIPAA training policies in place

• Workstation security in place and users are trained to follow

• HIPAA security official appointed

• Records of access authorization documented

• Highly experienced & skilled medical billing team