eHealthRecord maintains HIPAA compliance through a variety of measures. A 128 bit encryption algorithm is used when transmitting any patient information. Each user is required to use a strong password to login to the system. Access to patient records is logged via a secure auditing system that can be later reviewed. Different access levels can be set for users:
- Patient Read Only – view patient demographics
- Sitewide Read only – view patient and physician information
- Patient Administrator – enter new patients, update patient information, upload and review patient documents, add notes, add referrals and appointments, and set reminders
- Practice Administrator - enter physicians, set physician pledge amounts, maintain group/practice information, maintain facility information, and maintain patient and physician status code data
- User Administrator – enter new users, edit/delete existing users, and set user access levels
Not only does setting user access levels add security for your data, it also helps maintain data integrity.
Visit http://www.hhs.gov/ocr/hipaa/ for more information on HIPAA compliance.