Our protocols are designed to include active client participation. Clients choose their preferred EMR, cloud storage, and phone system with which they may be familiar or comfortable. These channels are secured at all times, maintaining a delicate balance between protection and client accessibility.

VAs have individual accounts and are assigned a company laptop and work desk, making it easier for management to trace unauthorized access or any misuse of PHI. At the end of their shifts, laptops are documented and returned to a designated storage to be kept under lock and key.

Our office spaces are guarded by security personnel and some areas are closed off to the general staff. Workstations that handle PHI are designated as “HIPAA zones” and observe tighter security clearance policies. Employees are banned from using cellphones and similar recording devices at their HIPAA-designated workstations. Non-HIPAA-trained personnel are prohibited from entering HIPAA zones unless properly authorized.

We observe a zero-tolerance policy in the unauthorized downloading of PHI. We strictly refrain from printing PHI — and in circumstances where printing may be of utmost necessity, the documents are subsequently destroyed via shredder in the presence of a HIPAA officer.