DataMatrix Privacy Policy
DataMatrix keeps your patients’ information secure and HIPAA compliant.
DataMatrix servers are hosted with Tier-I data centers. Our data center network is designed and built for a Zero-Downtime Network™. They are designed and maintained without compromise for security or redundancy.
Security covers all three critical security areas physical security, operational security and system security.
Physical Security
Physical hosting security includes locking down and logging all physical access to servers at the data center. DataMatrix offices have very strong security procedures wherein security personnel are instructed and trained to intercept any unauthorized individual from entering the premises.
DataMatrix has strict security policies and procedures charted out in our Security Policies and Procedures Manual, which are being duly enforced and include policies for Personnel security, Security procedures relating to technicians providing customer support to DataMatrix and any other unauthorized individual.
Operational Security
Operational security involves creating business processes that follow security best practices to limit access to confidential information and maintain tight security over time.
System Security
System security involves locking down systems from the inside, starting with hardened operating systems and up-to-date patching. Enabled automatic logoff, screen password protections to protect unauthorized access of data and honor the Privacy and Security of Protected Health Information.
Information Security
All data transmitted on the Internet and within DataMatrix internal networks is encrypted using proprietary software.
Continuity
DataMatrixhas a Disaster Management Plan. DataMatrix’s operational mode and other details are in the Security Policies and Procedures Manual.
Human Resources
All DataMatrix employees have been trained and made aware of the various Privacy and Security policies and procedures and their need to abide by the policies and procedures. They have also been made aware of the possible sanction against violations of these policies and procedures.
Privacy
Although DataMatrix does not have direct patient relationship, we have developed policies for access, disclosure, minimum necessary standards, consent, and authorization etc. relating to patients’ health information. These policies can be reviewed in our Private Policies and Procedures Manual.
Auditing
DataMatrix has set standards for Internal Audit and Audit controls. These standards are regularly reviewed by auditors, internal and external.
Documentation
DataMatrix adheres to all documentation standards mentioned in the HIPAA regulation and they are maintained electronically and in print and will be made available for inspection to the relevant authorities. The document policies have been made aware to the employees during the training program and they have been assessed about the awareness regarding such policies and procedures.
Certification
Certification has been made by the External Auditors. The certification has been provided after a stringent audit by the Auditors. The Certificate explains the procedures and standards implemented during the audit.
