Document Management from World-SCAN, Inc.

Information Request | About Us | Contact Us | Home

InSCAN
OutSCAN
WebDOCK

HIPAAReady
Paper Facts
Benefits

HIPAA Ready

Being an ASP (Application Service Provider), we understand that our clients are concerned about security. We work very hard to protect the confidentiality of your data and have designed WebDOCK to meet and exceed the standards set forth by HIPAA and other organizations. We have in place multiple security measures to protect your valuable data.

WebDOCK uses Secure Socket Layer (SSL) technology with 128-bit encryption. This powerful technology protects your data from being intercepted and meets HIPAA's requirements.
All activity within WebDOCK is logged and reported to you via our proprietary log analysis tool. Unusual behavior is also tracked and user accounts are disabled when this behavior occurs.
Sessions expire after 15 minutes of inactivity. This ensures that licenses are kept available and that user sessions are not left idle for an unauthorized person to begin using.
Strict password conventions are exercised, including 6 characters or more, at least one special character, and users cannot use the same password twice.

Requirements of the HIPAA Privacy Regulations
WebDOCK supports behavior consistent with the HIPAA Privacy Rules. These rules call for information systems that audit workflow. We feel that WebDOCK's administrative logs address these audit requirements. As changes take place in the interpretation of workflow we will develop accordingly. There are many issues your medical establishment will need to address under the HIPAA Privacy Rule. We will be hard at work making sure your electronic storage and retrieval software solutions are HIPAAReady.

The HIPAA Security Regulations
WebDOCK has features and tools in place that encrypt messages before sending them over the Internet. We continue to review the HIPAA objectives and flexibilities provided to your medical establishment and feel that WebDOCK will be HIPAAReady in all areas including reliable authentication, secure transmission, and contingency preparation.

We will make you aware of what parts of HIPAA compliance are supported by WebDOCK technology. WebDOCK alone will not make your medical establishment HIPAA compliant. We assure you that everyone at World-SCAN, Inc. involved with the WebDOCK product is dedicated to having your electronic storage and retrieval software HIPAAReady.

Disaster Avoidance and Business Recovery
HIPPA will be requiring the Healthcare industry to provide and document the following:

A Disaster Avoidance and Business Recovery Plan that enables Healthcare organizations to restore any loss of data.
An Emergency Operation Plan that enables continuation of Healthcare business operations in the event of fire, vandalism, natural disaster, system failure, etc.

The purpose of this contingency plan is to ensure that accurate data needed to run your Healthcare operation is always available and to assure that your organization is prepared if the integrity or availability of data is threatened or compromised. To date, World-SCAN, Inc. is very HIPAAware & HIPAAReady in these areas and feel confident that our WebDOCK product will be your answer to a contingency plan for Disaster Avoidance and Business Recovery. WebDOCK will be your alternate secure site for storage and recovery of crucial data. WebDOCK will become your data repository for your "Data Recovery Hot Site" and can be activated wherever you have a PC loaded with application software and an Internet connection. We are HIPAAware & HIPAAReady in the area of emergency mode alternate site processing strategies.

For other areas of HIPAA compliancy we suggest you visit the following web site http://www.hipaadvisory.com.

WebDOCK Hosting Agreement
We address in our hosting agreement the following security and privacy issues.

We have the tools in place that provide your appointed authorized users with a security mechanism that will protect the integrity and confidentiality of transmitted data.
We have the tools in place that will log and notify the administrator of any unauthorized attempts to view documents or any attempts to disclose protected information.
We have the tools in place that will protect your medical data from improper access by our own staff as well as would-be intruders.
We have non-disclosure agreements in place with subcontractors and agents that restrict their use and disclosure of protected medical data.

Articles of Interest
To help you gain insight into HIPAA, we are providing links to various articles that discuss this ever changing standard. We hope you find these articles helpful and informative.

HIPAAdvisory.com - Disaster Readiness
ZDNet.com - Disaster Planning Goes Beyond IT

We know that there will be continuing HIPAA changes, revisions, and interpretations. We want to assure you that we plan to have you HIPAAReady from our end, every step of the way.