Security and Confidentiality
In view of the sensitivity associated with the Healthcare Information, all our teams work on fully locked down dumb terminal PC's which don't have a floppy drive, CD drive or a USB port.
We take all compliance related concerns of our customers very seriously and we address them proactively. Our delivery center houses the most technologically advanced infrastructure to handle data security issues. Here is how we go beyond the basics measures:
Data Confidentiality
- In view of the sensitivity associated with the Healthcare Information, all our teams work on fully locked down dumb terminal PC's which don't have a floppy drive, CD drive or a USB port.
- The teams have restricted remote access to the client’s software applications and tools enabling them to do the work required to accomplish the required services only in a secure manner. Specific client networks are physically isolated and have dedicated firewalls into the client’s network for an additional security.
Network Security
- Full-time in-house security team dedicated to monitoring hacker sites, assessing possible threats. This team ensures Physical security, network security, applications, desktop and voice and data security, Centralized control over enterprise resources, change control, access control and configuration management for minimum disruption in customer service delivery. Rigorous round the year audits are conducted to evaluate threats and develop and implement the relevant counter.
Physical Security
- In our delivery center, no one is allowed in without screening and no one is allowed to bring in or take any information capture devices including mobile phones and cameras. The facility is truly locked down with access only to authorized individuals in client specific areas protected by card readers and secure access systems. A 24x7 security force physically guards the facility against any unauthorized access.
100% HIPAA Compliant
- We are committed to achieving and maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. As your trustworthy partner in the chain of carrying patient health information, we have in place specific technical and physical security features for our data system, including identification of authorized users, control of system access, data integrity, and backup/recovery to ensure availability and reliability.
- In compliance with HIPAA, security is maintained using a combination of authorized mechanisms and secure socket layer protocol.
Authentication
- Authentication is ensured through the efficient use of passwords to establish user identity. Access to our proprietary workflow and distribution system is granted only after authentication.
Integrity
- Data, program, system, and network integrity play a role in ensuring that information is exchanged only in an authorized manner.
Audit Trial
- Complete logging of all modifications made to each and every document including the name of the editor, editor's role, and time of edit.
System Security Monitoring
- Monitoring of activities occurring in our system to prevent and/or detect any breach.
Data Storage and Transmission Features
- Secure physical storage of all data and secure transmission. This includes constant surveillance by network experts, premises protected by security guards, and securely encrypted transmission between PACIFIC and its clients.
Confidentiality Agreements
- We restrict access to all confidential information. Only select employees may access the system for administrative and support purposes. These employees are very limited in number and are committed to the PACIFIC privacy and security policies. PACIFIC signs a Confidentiality Agreement with each of our employees and our customers. This clause outlives the life of the contract itself.