Try 14-Days Free!
Try our no-risk, full service 14-day trial. We'll get you set up in no time!
Medi-Scribe, Inc. has subscribed to the Medi-Host web site for about 3-1/2 years. We have been very pleased...
We at Accu-Write, Inc., are ecstatic with the service we receive from Medi-Host....
Medi-Host and HIPAA Compliance
Medi-Host focuses on providing very usable security features made specifically for medical transcription professionals
We have a strong commitment to implementing suggestions provided by the AAMT's HIPAA guide for medical transcriptionists. For reference, please review HIPAA Regulations for Medical Transcriptionists.
Specifically, Medi-Host implements the following security measures and features:
Medi-Host strongly recommends the following safe practices:
- All site communication (page requests, logins, file uploads/downloads) are done through 128-bit SSL encryption.
- Medi-Host's SSL certificate and site identity is authenticated by a respected third party (Starfield Secure Certification Authority) and is maintained anually.
- Access to business sites are controlled by username and password authentication.
- Access to upload and download medical files is only available to authenticated users.
- File downloading abilities are restricted to files specifically assigned to that user.
- All system actions are logged to allow site owners to track the behavior of all site users.
- Always protect your username and password. Do not write it down or save it in a file anyone can read.
- For transcriptionist or admin accounts, do not share passwords with other users. Instead, create accounts for the roles that will be necessary for them.
- Only create accounts for those you can trust.
- Immediately deactivate accounts for those who are terminated or are suspected of misuse, and remind clinics to change their password when staff changes.
The Medi-Host database does not store any personally identifiable information. The Medi-Host system will not attempt to read the contents of the files transferred through the system. Therefore, no personal information regarding the users of Medi-Host or the contacts discussed in the files sent through Medi-Host will be collected, sold or made available to any party.
By default, files are not stored encrypted on the Medi-Host server. HIPAA regulations do not require stored files to be encrypted, and this makes the file transfer process much easier for business owners, transcriptionists and clinics. Direct access to these files are only available to one person, the Medi-Host system administrator, who is bound to document confidentiality by the EULA between Medi-Host and the service subscription owner. All other access to these files is controlled by the Medi-Host web interface.
If extra layers of protection are desired, Medi-Host suggests the following:
HIPAA compliance and web security is a continually growing and expanding field. When deemed appropriate, Medi-Host will adjust security practices to accomplish the goal of being a secure but simple document transfer system.
- Click the Unique Encryption box when uploading a file. This will save an encrypted file to the system using the password provided. Note that the user downloading the file must enter the same password, and that Medi-Host cannot offer assistance if the password is lost or forgotten.
- Zip files being sent to the site using a password. After the user downloads the zip file, the password will be necessary to open the enclosed file(s).
- Do not store files for long periods on the system. A single file should only exist on the site for 7-days or less.
Medi-Host cannot be held liable for any unauthorized use of the system or unauthorized access granted to individuals utilizing a compromised account. All misuse and incidents should be reported immediately to firstname.lastname@example.org.