|
TSP by Spantel
Security Issues |
 Spantel provides solutions that are compliant with all applicable laws and regulations. Even as the final rules for Security and Electronic Signature Standards under the Health Insurance Portability & Accountability Act (HIPAA) remain pending, we are integrating the recommendations and designing our solutions to meet the proposed requirements, as they apply to your health information management.
|
| HIPAA's "Chain of Trust" requirement include specific technical and physical security features for data system components, identification of authorized users, control of access, data integrity, and backup/ recovery to ensure availability and reliability. These include the following:
|
| Authentication |
| Authentication is ensured through the use
of passwords and unique identifiers to establish user identity
throughout Spantel's system. |
| Authorization |
| System-use authorization is based on client-defined,
user-and role-based access rights. Data, program, system, and
network integrity play a role in ensuring that information is
changed only in a specified and authorized manner automatically
allowed and verified by TSP. |
| Audit Trail |
|
A complete record (Log) of the time and date and identity of the
person accessing the document is maintained and made available at
all times. This log is available by individual jobs as well as in a
report format for audit trail compliance requirements. Since the
system is access controlled, logging access and changes to specific
identities is strongly addressed.
|
| System
Security |
| Monitoring of activities occurring in our system to prevent
and/or detect any breach. Attempted unauthorized access at any point
of the process triggers alarms and ensures security integrity. |
 Furthermore, all file transfer
is protected by the use of HTTPS secure Internet transfer protocols,
Secure Socket Layer (SSL) technology, 128-bit encryption,
authenticated certificates from the world's leader in security
verificationThawte/Verisign, and password protection. |
| Disaster Prevention/Recovery
|
| Spantel's data center complies with industry standards and
ensure detailed disaster prevention/recovery procedures to manage
and minimize damage or disruption, and ensure stability in case of a
disaster. Our backup system is operational 24 hours per day with no
data loss or interruption in service in the event of system failure.
|
| Data
Processing |
| Secure physical storage of all data and secure
transmission includes constant surveillance by network experts,
premises protected by secure locations, backup generators, and
securely encrypted transmission between Spantel servers and users.
|
| Confidentiality
|
| We restrict access to all confidential information on our site,
and within the TSP system. Only select employees
may access the system for administrative and support purposes.
|
| These employees are very limited in number and are committed to
the Spantel privacy and security policies. |
| Spantel employees execute comprehensive nondisclosure agreements
with us, which provides explicit legal confidentiality protections.
|
|
Client data security is of greatest importance
to Spantel. Not only for HIPAA requirements, but also for e-commerce reasons. All e-commerce transactions with Spantel are conducted with the same level of secure process that would be expected when interacting with a bank, or the US government.
|
| In addition, Spantel guarantees that all
personal data/information is never rented, sold, or shared with any
outside interest for any reason. |
|
|
| Back to top |
| info@spantel.net |
