As experts in the technology of the medical transcription industry, we go the extra mile to know the industry and its players, inside out.

HIPAA Compliance

HIPAA Preparedness Statement

STATscript recognizes the significant challenge that HIPAA regulation present to the healthcare industry and to our customers. STATscript is committed to helping our users achieve HIPAA compliance. To this end, we have created a governing framework to define and manage our HIPAA initiatives.

A full time HIPAA Privacy Officer facilitates and manages the information security and HIPAA needs of our organization as well as for our customers. We have developed and maintain effective educational programs for training internal and external clients on the requirements of HIPAA.

STATscript understands that the HIPAA regulations are subject to change. STATscript’s guiding principle is to make every reasonable effort to be knowledgeable and responsive regarding HIPAA regulations, and to achieve HIPAA compliance within the mandated timeframes.

STATscript Compliance

HIPAA
Requirement		 STATscript
Compliance
1. Information Access Control Limits access to application by:
User ID and Password YES
Role-based access YES
Context-based access YES
User-based access YES
Note: HIPAA requires at least one access control mechanism to be present
   
2. Auto Log-off
Time out mechanism to define an automatic
log-off from application if no activity occurs
within designated time. 		YES
   
3. Audit Logging Provides adequate report within the application with retro activity for last 12 months when patient data is:
Accessed YES
Changed (add or edit activity) YES
Deleted YES
   
4. User Authentication Uniquely identifies a user by:
Password (Encrypted) YES
Personal Identification Number (PIN) YES
Telephone Callback N/A
Token N/A
Note: HIPAA requires at least one user authentication method to be present