When a practice or doctor’s office considers outsourcing medical records tasks (like release of information or inbound document management to a third party, they often have concerns over the security and risk of letting someone else manage this function. Given the strict HIPAA security measures and hefty penalties for breaches of protected patient PHI, this is a natural area of concern providers like ScanSTAT must address for Covered Entities.

When you choose ScanSTAT for outsourced records services, know that you can do so with the utmost confidence in the security and integrity we apply to ePHI you entrust us to transmit on your behalf. Our specialized domain knowledge means we are experts in medical records workflows, processes, HIPAA regulations and EMR platforms. It also means as your Business Associate, we are held to the same high HIPAA standards as a Covered Entity is. Thus, we have a variety of processes, audit controls and security measures in place to protect patient PHI as it moves through the chain of custody to arrive at its final destination, including:

  • Strict workflow protocols to maintain HIPAA compliance
  • Annual security risk assessments mandated under HIPAA
  • SSL Encryption for transmitted data
  • SAS70 certified data center to host, store and distribute patient data
  • Business Associate agreements with all subcontractors and vendors

 Contact one of our team members to find out how our robust records handling services apply to you.