Security and Compliance

 

Hippa_complant

Iman Security & Compliance Policy

Iman security parameters are completely based on both the ISO 27001:2005 certified, ISO 9001:2008 registered and HIPAA standards. The registration further accredits Iman in its continuous effort to maintain high-quality standard, guaranteeing current and prospective clients that its systems and support services meet the extremely high standards established by the International Organization of Standardization.

In addition, our technology and business processes follow stringent HIPAA specified security and confidentiality norms for patient information, and establish an audit trail of all those who have access to the patient health information. We have well defined, security policies regarding physical site security, systems/network security, data security, personnel security, company-use policies, Internet usage policies and a full array of hardware and software warranties and service agreements.

The goal of these policies it to protect the confidentially and integrity of our clients database and to insure the efficient operation and constant availability of the healthcare support services we provide to our clients.

Site Security:

Our facility is accessible to authorized personnel only, the use of electronic security doors guarantees limited access. Surveillance cameras are also used to provide monitoring for key locations around the facilities.

Data Security:

Iman works closely with the client's IT staff to determine the appropriate security programs, devices and procedures necessary to protect the integrity and confidentiality of all client data. All Iman desktop software and configuration are client specified and as per project requirements.

Authorized personnel controls Iman proprietary database transaction tracking system. The system is password protected at multiple levels to prevent unauthorized access to specific system management functions and underlying programs.

Upon joining Iman all new employees sign a confidentiality agreement. We also participate in regular security audits and penetration tests to ensure that a robust data security system is created and maintained. Any security breaches are immediately reported to our clients.

Network Security:

Iman enforces very restrictive systems access policies. We have a stringent policy in place for passwords, and network access.

Iman’s Contingency Plan:

Iman acknowledges the potential for a serious disruption of business by hardware or software failure or other natural calamities. Iman has comprehensive data, physical and disaster recovery policies in place to address the issue of business continuity.

Backup of Data:

Iman networks are backed up on tape on a nightly basis and all tapes are stored off-site in a secure facility with temperature and humidity calibrations. The software used to manage the backup processes is a specially designed component of our security software package. We also retain source code and software systems on multiple servers at several sites.