Software and hardware systems in place to maintain network and data security

• The medical records are uploaded into a client portal which is protected by end to end encryption using HTTPS and SSL certificates.
• The medical records are encrypted and stored in a high secure data center serviced by one of top cloud services provider.
• Strong passwords are enforced, encrypted and stored in database.
• Only authorized persons will be able to access the medical records only when they are working on that case.
• Role based access controls in client portal are in place to prevent unauthorized access to the portal
• Access restrictions like Firewall, whitelisting of IP and access to only company emails are in place to prevent access of Medical Records outside the organization.

On-site measures taken by Trivent to protect the PHI

• Access restrictions like biometric access and monitoring like security guards, CCTV cameras are in place to prevent unauthorized access to Trivent premises.
• Access restrictions like cameras or cell phones not allowed in the work zone and disabling of USB storage to prevent unauthorized transmission of data outside the company premises.

Internal policies and training implemented to secure the PHI

• Non-Disclosure Agreement (NDA) is signed by all employees and contractors working for Trivent.
• Intensive background check is conducted during the employee hiring process.
• Security awareness and ethical training provided to all employees and contractors working for Trivent on a periodic basis.
• Information Security Management System (ISMS) policies and procedures are in place to provide a secure work environment.

The PHI (Protected Health Information) is not available or disclosed to unauthorized persons.

• The medical records are uploaded into client portal which is protected by end to end encryption using HTTPS and SSL Certificates.
• The medical records are encrypted and stored in a high secure data center serviced by one of top cloud services provider.
• Only authorized persons will be able to access the medical records only when they are working on that case.
• Role based access controls in client portal are in place to prevent unauthorized access to the portal.
• Access restrictions like firewall, whitelisting of IP and access to only company emails are in place to prevent access of medical records outside the organization.
• Access restrictions like biometric access and monitoring like security guards, CCTV cameras are in place to prevent unauthorized access to Trivent premises.
• Access restrictions like cameras or cell phones not allowed in the work zone and disabling of USB storage to prevent unauthorized transmission of data outside the company premises.
• Non-Disclosure Agreement (NDA) is signed by all employees and contractors working for Trivent.
• Security awareness and ethical training provided to all employees and contractors working for Trivent on a periodic basis.

The PHI is not modified or destroyed in an unauthorized manner

• The medical records are accessed only in offline mode as PDF documents
• No direct access to the PHI data storage through system or any other way is available
• The PHI data is extracted and stored only in our end products like medical chronology
• The PHI data is not extracted and stored in any easily identifiable manner like database or named entities

The PHI is easily accessible and usable by an authorized person

• Medical records are accessible only through the Client Portal software for authorized persons
• The client portal and medical records are hosted in a high secure data center. The data center is services by one of the Top Cloud service providers with 24×7 availability.
• Role based access controls are in place to allow access to authorized persons