HIPAA Compliance
JITMED has physical, network and process security measures in place and follows them to ensure HIPAA compliance. We are committed to mandating and ensuring the confidentiality, integrity and security of confidential data.
Quality & Compliance
ISO – 9001 & 27001 Certified for Quality & Information Security
Standard processes and a data-driven approach across all services.
An integrated security system is in place to ensure data security for all clients.
Meet and exceed customer expectations in terms of quality and timely delivery.
HIPAA Compliance
JITMED understands all HIPAA regulations and strives to exceed these standards.
JITMED complies with all HIPAA standards and understands the need for strict adherence.
JITMED trains all employees to ensure the security, privacy and confidentiality of all information.
JITMED has stringent security measures in place to ensure client confidentiality.
Employee Hiring & Background Checks
Our HR department conducts extensive background checks on all new employees prior to our “employee confirmation process.” Once confirmed, employees can access our system only with valid logins and passwords. Furthermore, access to sensitive information is on a “need to know” basis, and we constantly keep watch to prevent any of our clients’ data from being accessed except by authorized employees. In addition, all our employees receive confidentiality training (as required by HIPAA) and must sign confidentiality agreements.
Administrative Safeguards
All risk areas related to e-PHI have been identified, and procedures have been developed to mitigate the risks, including:
- Non-disclosure agreements with clients, vendors, visitors and employees
- Need-based access to client logins and file systems, including password management
- Training for employees on e-PHI, risks and complaints
- Backup of all files and documents stored on the server to external storage devices
Physical Safeguards
All employees have restricted access to information (both internal and external) that is exclusive to the performance of their duties.
- Biometric access control to prevent unauthorized entry
- Floor-level security is implemented for client work areas
- Cameras monitor all security-sensitive areas on the premises
- Only authorized personnel are allowed to enter the server room
- USB ports are restricted only to keyboards, mice and other peripherals
- Removable storage devices are inaccessible through the USB ports
- Power-saving options are enabled on all workstations
- Screensavers activate after 2 minutes and workstations lock automatically after 5 minutes
- Devices such as laptops, mobile phones, cameras, CD/DVDs, pen drives, etc., may not be carried into the work area
Technical Safeguards
- Data transfer is fully protected through secure VPN tunnels with the respective clients
- Access to the firewall for maintenance is approved by management
- Client data is encrypted to the 3DES standard to ensure confidentiality in line with HIPAA standards
- All servers and desktops are protected by anti-virus software
- Anti-virus updates are applied automatically, and regular audits are carried out
- Unique login credentials are provided to users to access the shared folders
- Restricted internet access is provided based on client requirement
- All internet access is monitored by the security team
- Email access is provided to all employees, and only authorized personnel can send or receive mail outside the network.